US8614950B2 - Load balancing hash computation for network switches - Google Patents

Load balancing hash computation for network switches Download PDF

Info

Publication number
US8614950B2
US8614950B2 US13/305,802 US201113305802A US8614950B2 US 8614950 B2 US8614950 B2 US 8614950B2 US 201113305802 A US201113305802 A US 201113305802A US 8614950 B2 US8614950 B2 US 8614950B2
Authority
US
United States
Prior art keywords
hash value
data unit
field
symmetric key
key
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active, expires
Application number
US13/305,802
Other versions
US20120134497A1 (en
Inventor
Amir Roitshtein
Tal Mizrahi
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Marvell Israel MISL Ltd
Original Assignee
Marvell Israel MISL Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Marvell Israel MISL Ltd filed Critical Marvell Israel MISL Ltd
Priority to US13/305,802 priority Critical patent/US8614950B2/en
Assigned to MARVELL ISRAEL (M.I.S.L) LTD. reassignment MARVELL ISRAEL (M.I.S.L) LTD. ASSIGNMENT OF ASSIGNORS INTEREST (SEE DOCUMENT FOR DETAILS). Assignors: ROITSHTEIN, AMIR, MIZRAHI, TAL
Publication of US20120134497A1 publication Critical patent/US20120134497A1/en
Priority to US14/139,428 priority patent/US9455966B2/en
Application granted granted Critical
Publication of US8614950B2 publication Critical patent/US8614950B2/en
Active legal-status Critical Current
Adjusted expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/06Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
    • H04L9/0643Hash functions, e.g. MD5, SHA, HMAC or f9 MAC
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L47/00Traffic control in data switching networks
    • H04L47/10Flow control; Congestion control
    • H04L47/12Avoiding congestion; Recovering from congestion
    • H04L47/125Avoiding congestion; Recovering from congestion by balancing the load, e.g. traffic engineering
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L47/00Traffic control in data switching networks
    • H04L47/70Admission control; Resource allocation
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L49/00Packet switching elements
    • H04L49/50Overload detection or protection within a single switching element
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/06Network architectures or network communication protocols for network security for supporting key management in a packet data network
    • H04L63/061Network architectures or network communication protocols for network security for supporting key management in a packet data network for key exchange, e.g. in peer-to-peer networks
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0819Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L47/00Traffic control in data switching networks
    • H04L47/10Flow control; Congestion control
    • H04L47/19Flow control; Congestion control at layers above the network layer
    • H04L47/193Flow control; Congestion control at layers above the network layer at the transport layer, e.g. TCP related
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L47/00Traffic control in data switching networks
    • H04L47/10Flow control; Congestion control
    • H04L47/41Flow control; Congestion control by acting on aggregated flows or links

Definitions

  • the present disclosure relates generally to communication systems and, more particularly, to computing hash values for data units at a computing or network device.
  • hash functions are widely used in a variety of computing applications to map data in a larger set to a value in a smaller set. For example, a relatively long sequence of bits may be supplied as an input into a mathematical function to generate a shorter sequence of bits that serves as an index into a database table.
  • a network switch may receive and transmit data packets via multiple ports.
  • network links sometimes are purposefully aggregated to provide more bandwidth between communicating devices or networks. Grouping links together to define wider communication channels is known as link aggregation (LAG).
  • LAG link aggregation
  • ECMP equal-cost multi-path
  • Embodiments of a method for load balancing traffic in a communication network include receiving a data unit or packet at a network device included in the communication network, where the network device is associated with a link aggregate group included in the communication network.
  • the method further includes determining an initial key based on information included in the data unit, generating a symmetric key based on a first field of the initial key and a second field of the initial key, and applying a hash function to the symmetric key to generate a hash value.
  • the method includes determining, based on the hash value, a communication link in the link aggregate group; and causing the data unit to be transmitted over the communication link.
  • Embodiments of a network device for load balancing traffic in a communication network include a network interface configured to receive a data unit and a hash value generator configured to generate a hash value based on the data unit.
  • the hash value generator includes a symmetric key generator configured to generate a symmetric key based on a source field of an initial key and on a destination field of the initial key, where the initial key is based on at least a portion of data included in the data unit.
  • the hash value generator further includes a hash function to generate the hash value based on the symmetric key.
  • the network device includes a link selector configured to select, based on the hash value, a communication link to egress the data unit from the network device.
  • Embodiments of a network device for load balancing traffic in a communication network include a network interface to receive a data unit and a hash value generator to generate a hash value based on the data unit.
  • the hash value generator includes a symmetric key generator configured to generate a symmetric key based on the data unit and a hash function configured to generate the hash value based on the symmetric key.
  • the symmetric key is configured to cause a common hash value to be generated by the hash function for different sequences of a first field corresponding to the data unit and a second field corresponding to the data unit.
  • the network device includes a link selector to select, based on the hash value, a communication link to egress the data unit from the network device.
  • FIG. 1 is a block diagram of a communication network in which network devices apply hash computation techniques discussed herein, according to an embodiment.
  • FIG. 2 is a block diagram of an example hash value generator which is implemented in the network devices of FIG. 1 , according to an embodiment.
  • FIGS. 3A and 3B are block diagrams that illustrate an example of a remapping function or table that is included in the hash value generator of FIG. 2 , according to an embodiment.
  • FIG. 4 is block diagram that illustrates an example application of a hash value generated by the hash value generator of FIG. 2 , according to an embodiment.
  • FIG. 5 is a block diagram of an example hash value modifier which is implemented in the network devices of FIG. 1 , according to an embodiment.
  • FIG. 6 is a flow diagram of an example method for avoiding polarization in a communication network that is implemented by one or several network devices of FIG. 1 , according to an embodiment.
  • FIG. 7 is a flow diagram of an example method for load balancing traffic in a communication network that is implemented by one or several network devices of FIG. 1 , according to an embodiment.
  • FIG. 8 includes a block diagram of an example network switch or device having virtual ports and configured to load-balance across a set of virtual ports of the network device.
  • FIG. 9 is a flow diagram of an example method for load balancing traffic in a network device that is implemented by one or several network devices of FIG. 1 or of FIG. 8 , according to an embodiment.
  • FIG. 1 is a block diagram of an example communication network 10 in which several network devices ND 1 , ND 2 , . . . , ND 6 process data flows between an external network 12 and an internal network 14 , according to an embodiment.
  • the network 10 utilizes multi-path load-balancing as will be discussed below.
  • the network devices ND 1 -ND 6 may be of the same or different types, and include workgroup switches, other types of switches, routers, or any other suitable devices having data processing capability, in various embodiments.
  • Each of the network devices ND 1 -ND 6 includes a respective hash value generator 16 a - 16 f that implements at least some of the techniques discussed below, in an embodiment.
  • the network device ND 1 receives data units (such as packets or frames) traveling from the external network 12 to the internal communication network 14 via communication links 18 , 20 , and 22 at respective ports P 1 , P 2 , and P 3 (generally referred to herein as “receive ports” or “source ports” P R ).
  • the network device ND 1 forwards the received data units to the network devices ND 2 or ND 3 via the corresponding ports P 4 , P 5 , and P 6 (generally referred to herein as “transmit ports” or “destination ports” P T ) and, ultimately, respective communication links 24 , 26 , and 28 .
  • the network device ND 1 thus has a receive interface (also referred to as a “receive network interface”) to which the communication links 18 , 20 , and 22 are coupled, and a transmit interface (also referred to as a “transmit network interface”) coupled to the communication links 24 , 26 , and 28 .
  • the routing configuration of the load-balancing network 10 in some scenarios, is such that the network device ND 1 selects one of the ports of P 4 , P 5 , or P 6 to properly direct a data packet toward its destination in the internal network 14 .
  • the network device ND 1 applies load-balancing techniques to distribute the received packets among the appropriate ones of the links 24 - 28 .
  • the network device ND 1 selects one of the ports corresponding to an appropriate link.
  • the network device ND 1 utilizes the hash value generator 16 a to generate an efficient hash value using parameters specific to the network device ND 1 , in an embodiment.
  • the hash value is applied to a link selector to select a communication link in a link aggregate group (e.g., links 24 , 26 , 28 ) along which the data packet is to travel.
  • Some techniques often produce intra-switch polarization, or “favoring” of a particular link in a group of suitable links for certain types of packets.
  • the same load balancing decision may be made at each hop, thus producing inter-switch polarization, or a favoring of a particular path through the load-balancing network.
  • the hash value generator 16 a avoid link polarization and/or inter-switch polarization and improve the overall distribution balance of data packets among communication links thereby increasing network bandwidth and reducing latency.
  • FIG. 1 illustrates a particular embodiment of the network devices ND 1 -ND 6
  • each of these the network devices ND 1 -ND 6 includes any suitable number of ports, and at least some of the network devices ND 1 -ND 6 have different numbers of ports.
  • some or all of the network devices ND 1 -ND 6 perform protocol translation for some of the packets by removing and/or adding protocol headers at one or several protocol layers of a corresponding communication protocol stack.
  • the links 18 - 22 correspond to different physical communication channels such as network cables, wireless bands, etc., or logical channels such as timeslots of a digital signal 1 (DS 1 ) line, to take one example, in various embodiments.
  • ports P 1 -P 3 correspond to physical or logical resources of the network device ND 1 , in various embodiments.
  • the link 18 carries one or more data flows 30 - 34 .
  • each of the data flows 30 - 34 is a bidirectional flow including data traveling from the network 12 to the network 14 , or inbound data, and data traveling to the network 12 from the network 14 , or outbound data.
  • the links 20 and 22 also carry one or several data flows, in an embodiment. Some of the data flows 30 - 34 are associated with more than one of the links 18 - 22 , in an embodiment.
  • the data flows 30 - 34 are associated with different communication protocols such as Transmission Control Protocol (TCP) layered over Internet Protocol (IP) (hereinafter, “TCP/IP”), User Datagram Protocol (UDP) layered over IP (hereinafter, “UDP/IP”), File Transfer Protocol (FTP), Hypertext Transfer Protocol (HTTP), etc.
  • TCP Transmission Control Protocol
  • UDP User Datagram Protocol
  • FTP File Transfer Protocol
  • HTTP Hypertext Transfer Protocol
  • the data flow 30 corresponds to FTP
  • the data flow 32 corresponds to Telnet
  • HTTP Hypertext Transfer Protocol
  • some of the data flows 30 - 34 correspond to different sessions associated with the same communication protocol, in some scenarios.
  • a typical network link also includes Simple Mail Transfer Protocol (SMTP), Structured Query Language (SQL), and several additional data flows associated with e-mailing, web browsing, database applications, remote login, and other application types.
  • STP Simple Mail Transfer Protocol
  • SQL Structured Query Language
  • An operator can configure the network devices ND 1 -ND 6 to process and route data flows on other layers of various protocol stacks.
  • each of the data flows 30 - 34 includes multiple streams, sessions, or connections corresponding to various communication protocol layers. It is noted that some protocols, such as TCP, are connection-oriented while others, such as UDP, are connectionless.
  • an outside host on the network 12 connects to a local host on the network 14 by establishing a TCP connection having a particular address and port combination on both ends. This connection is identifiable by the TCP header specifying, in part, the address of the outside host, the address of the local host, the port on the outside host, and the port on the local host.
  • An individual TCP/IP packet carries a certain quantum or chunk of information associated with the same connection, or communication session.
  • each of the data flows 30 - 34 includes one or more streams such as TCP streams including multiple packets associated with a single data exchange or single packets conveying individual messages in their entirety.
  • a data stream generally refers to a unidirectional or bidirectional data exchange between two or more hosts including one or more data units such as data packets or frames.
  • an example data packet 40 belongs to the TCP/IP flow 34 , as an example, and travels in the inbound direction relative to the internal network 14 .
  • the data packet 40 includes a header 42 and a payload 44 .
  • the header 42 corresponds to one or more layers of the protocol stack and, in some cases, identifies the corresponding packet as belonging to a particular connection-oriented or connectionless data stream.
  • the header 42 refers to all information that precedes the payload on the transport layer, i.e., layer four (L4) in the Open System Interconnection (OSI) seven-layer model.
  • the header 42 includes all headers up to and including the application-layer header or, conversely, includes less than the headers of the layer two (L2), layer 3 (L3), and L4 of the OSI model, in various embodiments.
  • data packets traveling through the load-balancing network 10 have a suitable desired length consistent with the corresponding protocol (e.g., TCP/IP in the case of the data packet 40 ).
  • the length of the data packet 40 is operator-configurable to accommodate the particular requirements of the network devices ND 1 -ND 6 , in some embodiments.
  • the network devices ND 1 -ND 6 operate on protocols or protocol layers which do not define packets of a particular length. In this sense, an individual packet is any logical designation of a grouping or quantum of data.
  • the term “packet” or “data unit” refer simply to a grouping of data on a particular stream for the purpose of generating a hash value by one of the network devices ND 1 -ND 6 .
  • each of these terms refers to a grouping of data included in two or more frames of a communication protocol.
  • a single data packet includes multiple TCP frames in one embodiment.
  • FIG. 2 is a block diagram of an example high-level architecture of each of the hash value generators 16 a - 16 f .
  • the discussion herein refers to generally to a hash value generator “ 16 ,” although the principles and techniques apply to any of the hash value generators 16 a - 16 f of FIG. 1 , or to other suitable hash value generators.
  • the architecture of each of the hash value generators 16 a - 16 f is in accordance with the hash value generator 16 of FIG. 2 .
  • one or more of the hash value generators 16 a - 16 f differs from other hash value generators in the communication network 10 .
  • a particular hash value generator omits one or more blocks shown in FIG. 2 , or one or more parameters utilized by different hash value generators 16 a - 16 f are unique within the network 100 .
  • some of the components of the hash value generator 16 are implemented using hardware, microcode, software instructions executed by a processor, firmware instructions executed by a processor, or combinations thereof.
  • the hash value generator 16 is implemented on an application-specific integrated circuit (ASIC) included on a printed circuit board card device having an interface compatible with Peripheral Component Interconnect (PCI) or similar standard.
  • ASIC application-specific integrated circuit
  • PCI Peripheral Component Interconnect
  • the hash value generator 16 is configured to determine, based on a data unit or packet 102 , a key 110 that is used to determine a hash value 115 , in an embodiment.
  • the hash value generator 16 configures the key 110 to affect load balancing and/or to decrease polarization both within the network device itself (e.g., “intra-switch” or “intra-device”) and within the communication network 10 (e.g., “inter-switch” or “inter-device”), in an embodiment.
  • the hash value generator 16 includes an initial key generator 100 that operates on a received data unit or packet 102 .
  • the initial key generator operates on N B input bytes (or “input data”) of the received data unit or packet 102 to generate an initial key 105 of length N B .
  • the initial key 105 includes a string of bytes included in the data unit or packet 102 , and, in some embodiments, the initial key 105 includes additional information such as an identification of a source port via which the data unit or packet 102 ingressed into the network device.
  • a length of the string e.g., (N B ) is equal to 70 bytes of information. In other embodiments, however, other suitable values of N B are utilized.
  • the initial key 105 includes a source field whose contents correspond to a source from which the data unit or packet 102 was received, and a destination field whose contents correspond to a destination to which the data unit or packet 102 is to be transmitted, in an embodiment.
  • the source and destination fields refer to any suitable source and destination, and have any suitable format, e.g., source and destination IP (Internet Protocol) address fields, source and destination MAC (media access control) address fields, source and destination virtual port identifications, source and destination physical port identifications, etc.
  • the hash value generator 16 includes an initial key modifier 108 , in an embodiment.
  • the initial key modifier 108 modifies the initial key 105 in a known manner to generate a modified key 110 that enables the hash value generator 16 to generate depolarized and/or load balanced traffic across the communication network 10 and/or across a particular network device ND 1 -ND 6 .
  • the modified key 110 may be interchangeably referred to herein as a depolarized initial key.
  • the initial key modifier 108 introduces a consistent modification to the initial key 105 , so that teach initial key 105 is consistently modified at a given device ND 1 -ND 6 .
  • each device ND 1 -ND 6 has a different consistent modification introduced by the initial key modifier 108 .
  • the initial key modifier 108 includes a symmetric key changer 112 , also referred to herein as a “symmetric key generator.”
  • the symmetric key changer 112 is configured to modify the initial key 105 to produce a modified key 110 so that a common hash value is produced at a particular network device for the particular initial key 105 for both directions of traffic. That is, for a given initial key 105 , a packet addressed to travel between network devices ND 1 and ND 5 , a same common hash value is generated whether ND 1 is the source of the packet or ND 1 is the destination of the packet.
  • packets of a particular flow travel along a same path throughout the network 100 .
  • all packets of a particular flow travel in both directions along the same path throughout the network 100 . In this manner, traffic between network devices ND 1 -ND 6 is load balanced across the communication network 10 .
  • the symmetric key changer or generator 112 modifies two different fields of the initial key 105 based on a commutative function, in an embodiment, to produce a modified key 110 that includes two corresponding symmetric key fields.
  • the symmetric key fields allow a common hash value to be generated irrespective of the order of the two different initial key fields, in an embodiment.
  • the new symmetric fields are included in a modified key 110 , and the modified key 110 is provided as an input to a hash value determiner 108 to generate a corresponding hash value 115 , in an embodiment. Due to the symmetry of the fields of the modified key 110 , the resulting hash value 115 generated by the hash value determiner 108 is a common hash value for both directions of traffic of the same flow, e.g., for packets having a same initial key 105 . The common hash value is used by the network device to select a link over which the data unit or packet 102 is to be transmitted or forwarded, thus resulting in symmetrical loading throughout the network 10 irrespective of the order of the initial fields.
  • the common hash value is used by the network device to select a link over which the data unit or packet 102 is to be transmitted or forwarded, thus resulting in symmetrical loading throughout the network 10 irrespective of the order of the initial fields.
  • the commutative function is an addition or additive function, although in other embodiments, other commutative functions (e.g., multiplication, etc.) may be used by the symmetric key changer 112 .
  • the symmetric_destination_field is set to zero, while in other embodiments, the symmetric_destination_field is set to any suitable constant value, or to a derivative of the symmetric_source_field.
  • the initial source and destination fields are effectively independent of any particular OSI layer, and as such, the initial source and destination fields may correspond to any suitable addressing or identification scheme, such as IP addresses, MAC addresses, virtual port identifiers, physical port identifiers, etc.
  • a symmetric key changer or generator 112 in the hash value generator 16 provides for symmetrical latency throughout a communication network 10 , and thus increases the predictability of traffic flow for load balancing, in some embodiments. Additionally, the symmetric key changer 112 allows traffic to be intercepted at a network device using a single tap (e.g., a monitoring tap), as well as provides for easier traffic analysis and deep packet inspection, in some embodiments.
  • the hash value generator 16 includes a field selector 118 .
  • the field selector 118 determines a subset of the bits or bytes of the data unit 102 based on a hash mask 120 , in an embodiment.
  • the field selector 118 masks the input bytes that are unselected by the hash mask 120 , i.e., zeroes-out the unselected bytes or replaces these bytes with a predefined value to generate a modified key 110 .
  • the data unit or packet 102 includes, in the first several positions, the bytes 0xA3 0xD4 0x36 0xF3 0x55 . . .
  • the hash mask 120 begins with the bits 11001 . . . , and the field selector 118 accordingly outputs 0xA3 0xD4 0x00 0x00 0x55. In this manner, the mask 120 selectively turns on or off individual bytes in the N B input bytes of the data unit 102 , and thus controls which fields (e.g., fields in the header 42 , fields associated with certain parameters of the device (e.g., device ND 1 , etc.) are used in generating a hash value. In an embodiment, the hash mask 120 is selected based on a type of the packet, e.g., MPLS (Multiprotocol Label Switching), IPv4 (Internet Protocol version 4), IPv6 (Internet Protocol version 6), etc.
  • MPLS Multiprotocol Label Switching
  • IPv4 Internet Protocol version 4
  • IPv6 Internet Protocol version 6
  • the hash value generator 16 includes a polarization avoidance unit 122 that operates on the initial key 105 .
  • the polarization avoidance unit 122 includes a depolarized key generator, in an embodiment, that forms the modified key 110 based on the initial key 105 .
  • the polarization avoidance unit 122 is configured to allow the network device to generate a same, common hash value for all packets of a particular flow (e.g., one of flows 30 - 34 of FIG. 1 ). A different hash value is generated for the particular flow at another network device, and still different hash values are generated for different flows at the given device and at other network devices within the communication network 10 .
  • the modified key 110 generated by the polarization avoidance unit 122 causes the hash value determiner 108 to generate a hash value 115 so that inter-switch traffic polarization is avoided.
  • the modified key 110 may be interchangeably referred to herein as a “depolarized initial key” or a “depolarized key.”
  • the depolarized key 110 is generated by applying a depolarizing function or depolarizer 125 to the initial key 105 or to selected field of the initial key 105 , for example.
  • the depolarizing function of depolarizer 125 is a common depolarizer for packets or data units having a same set of parameter values (e.g., a same source field and a same destination field).
  • the depolarizing function 125 is an exclusive-or (XOR) function, a remapping function, an additive function such as a unique salt or seed, etc.
  • XOR exclusive-or
  • a remapping function an additive function such as a unique salt or seed, etc.
  • a different hash value 115 is produced by each network device ND 1 -ND 6 for a given data unit or packet 102 . Within the communication network 10 , each hash value 115 has a reasonable probability of being essentially or functionally unique. As such, inter-switch or inter-device polarization of network traffic is avoided within the communication network 10 , in an embodiment.
  • the depolarization function or depolarizer 125 of the polarization avoidance entity 122 is based on a bijective remapping table or function 200 , such as illustrated in FIGS. 3A and 3B .
  • the table or function 200 remaps each byte 202 a - 202 n of the input 202 (e.g., of the initial key 105 ) to a unique byte 205 a - 205 n of the output 205 .
  • the output 205 of the remapping table or function 200 is a permutation of the input 202 and includes all values of the input 202 .
  • a one-to-one mapping exists between input values 202 and output values 205 .
  • the one-to-one mapping is randomly or pseudo-randomly generated, in an embodiment.
  • An illustration of a remapping of an example input bit stream 210 to an example output bit stream 212 based on the table 200 is illustrated in FIG. 3B .
  • the depolarization function or depolarizer 125 is a salt or seed that is combined with the initial key 105 .
  • the salt or seed is a series of bits that is unique, within the communication network 10 , to a particular network device. That is, each network device ND 1 -ND 6 within the communication network 10 includes a respective unique salt or seed used by its respective hash value generator 16 a - 16 f .
  • each salt in the network 10 is randomly generated or pseudo-randomly generated.
  • the salt or seed is user-configurable.
  • the salt or seed may be any number of bits, and may be combined with the initial key 105 in any manner, such as by appending the salt to the initial key 105 , by pre-pending the salt to the initial key 105 , or by interleaving bits or bytes of the salt within bits or bytes of the initial key 105 .
  • combining the salt with the initial key 105 is an essentially bijective function, e.g., the combination of the salt and the initial key 105 is bijective for all bits except for a subset of bits, such as the last bits.
  • each network device ND 1 -ND 6 within the communication network 10 includes a unique salt or seed, each network device ND 1 -ND 6 generates a different depolarized key for packets having a same initial key 105 .
  • the initial key modifier 108 includes a symmetric changer 112 whose output is masked by a field selector 118 , whose output is then depolarized by the polarization avoidance unit 122 , resulting in the modified key 110 that is input to the hash value determiner 108 .
  • the hash value generator 16 one or more of the entities 112 , 118 and 122 is omitted. Additionally or alternatively, the order of operation of entities 112 , 118 and 122 as applied to the initial key 105 is different than as illustrated in FIG. 2 , in some embodiments.
  • the modified key 110 is generated by modifying the initial key 105 with only the symmetric changer 112 ; in another example, the modified key 110 is generated by modifying the initial key 105 by both the field selector 118 and the polarization avoidance entity 122 ; and in yet another example, the initial key 105 is modified only by the polarization avoidance unit 122 .
  • the hash value generator 16 a - 16 f of each network device ND 1 -ND 6 of the communication network 10 includes the same entity or the same set of entities selected from entities 112 , 118 and 122 , although such uniformity is not necessary.
  • the hash value determiner 108 operates on the modified key 110 and generates a hash value 115 based on a hash function 128 , in an embodiment.
  • the hash function 128 applied to the modified key 110 is a same, common hash function 128 at each device ND 1 -ND 6 .
  • the hash value 115 generated by the hash function 128 is shorter in length than the length of the modified key 115 .
  • the hash value is provided to a client 130 for use in processing or forwarding data units or packets, in an embodiment.
  • the client 130 is included on the network device, in an embodiment, and the client 130 may be included on a same solid state device or a different solid state device as the hash value generator 16 .
  • Examples of types of clients 130 of the hash value 115 include, for example, routers, trunks, trunk members, layer 2 ECMP, egress tables, ingress tables, TCAMs (ternary content addressable memories), and the like.
  • the hash value 115 is used by the client 130 to select a communication link over which to transmit the data unit 102 .
  • the hash value 115 is configured to effect the selection of communication links to balance traffic loads and to avoid polarization within the network 10 , in some embodiments.
  • the hash function 128 is configured to generate a hash value 115 that is sufficiently long enough to avoid overlap among fields so as to provide a uniform distribution of traffic or a desired level of sufficient uniformity of traffic distribution across communication links, thereby avoiding network device polarization.
  • the hash function 128 includes a cyclic redundancy check (CRC) generator, such as a CRC32 generator that outputs a hash value 115 having a length of 32 bits.
  • CRC cyclic redundancy check
  • the client 130 is an egress interface table 160 and the hash value 115 generated by the hash value generator 16 is used as an index into the egress interface table 160 , in an embodiment.
  • the network device ND 1 determines, based on the header 42 , the ingress port at which the data packet 40 is received, or using any other suitable information, that the data packet 40 belongs to a link aggregate group g having/members (i.e., links).
  • a selector 162 of the network device ND 1 applies a function to the hash value 115 to generate an index into the table 160 .
  • the network device ND 1 uses the generated index to select an entry in the egress interface table 160 at row g which specifies a link on which the data packet 40 is to be propagated, in an embodiment.
  • an entry of the egress interface table 160 specifies a particular virtual destination port.
  • the network device ND 1 determines that the data packet 40 is to be forwarded to a group of virtual ports having v members, and the selector 162 applies a function to the hash index 115 based on the number of virtual ports v to generate an index into the table 160 .
  • the network device ND 1 uses the generated index to select an entry in the egress table 160 at row v which specifies a virtual destination port for the data packet 40 .
  • the virtual ports are then mapped to one or more physical ports, and the data packet 40 is egressed via the one or more physical ports. Virtual port techniques are discussed in more detail below.
  • the egress interface table 160 is one example of a client of the hash value 115
  • the network device ND 1 includes one or more other clients of the hash value 115 , in some embodiments.
  • a “client” of the hash value 115 is an entity or function within a network device (e.g., network device ND 1 ) that uses the hash value 115 to perform one or more functions to process, forward, or analyze the data unit or packet. For example, as discussed above, the egress interface table 160 uses the hash value 115 to determine an index to select a link.
  • Other clients of the hash value 115 include a DRAM member selector, a router engine, a layer two Equal Cost Multipath (ECMP) determiner, a trunk, a trunk member, or some other entity included in the network device ND 1 , in various embodiments.
  • the hash function 128 is configured to generate a hash value 115 that has a length that is long enough to service all clients of the hash value 115 within the network device.
  • the hash value 115 is modified to affect load balancing and/or depolarization of traffic (e.g., “intra-switch” load balancing and/or “intra-switch” depolarization).
  • FIG. 5 depicts a hash value modifier 220 that is configured to determine, based on a hash value 115 , a modified hash value 222 that is utilized by the client 130 of FIG. 2 .
  • the hash value modifier 220 generates a modified hash value 222 to affect intra-switch load balancing and/or intra-switch depolarization, in an embodiment.
  • FIG. 5 depicts a hash value modifier 220 that is configured to determine, based on a hash value 115 , a modified hash value 222 that is utilized by the client 130 of FIG. 2 .
  • the hash value modifier 220 generates a modified hash value 222 to affect intra-switch load balancing and/or intra-switch depolarization, in an embodiment
  • some of the components of the hash value modifier 220 are implemented using hardware, microcode, software instructions executed by a processor, firmware instructions executed by a processor, or combinations thereof.
  • the hash value modifier 220 is implemented in an Application Specific Integrated Circuit (ASIC) included on a printed circuit board.
  • ASIC Application Specific Integrated Circuit
  • the hash value modifier 220 and the hash value generator 16 are included in a same ASIC or solid state device configured as a packet processor, in an embodiment, and in another embodiment, the hash value modifier 220 and the hash value generator 16 are included in different ASICs or solid state devices.
  • the hash value modifier 220 includes a hash bit selector 225 .
  • the hash bit selector 225 is configured to select, based on an identity or a type of the client 130 , a subset of bits of the hash value 115 to be included in the modified hash value 222 , in an embodiment.
  • different, mutually exclusive subsets of bits are selected by the hash bit selector 220 for different clients or different types of clients included in a network device (e.g., ND 1 ) so that different modified keys are provided to different clients, even though each of the different modified keys is based on a common, original hash value 115 .
  • a client 130 pads its respective subset of bits by pre-pending, appending or interleaving a desired number of zeros, a desired number of ones, or a predetermined combination of ones and zeros.
  • the hash bit selector 220 as different clients of the hash value 115 use their respective modified keys to select an output port or communication link, traffic is distributed across the link aggregate group (and, therefore, output ports corresponding thereto) for all clients of the hash value 115 , thereby realizing intra-switch load balancing and intra-switch depolarization.
  • the hash value modifier 220 includes a hash bit replacer 228 .
  • the hash bit replacer 228 is typically included in scenarios where the modified hash value 222 is required, based on an identity or type of client 130 , to be relatively short in length so that stringent load balancing requirements are met. In these scenarios, the hash bit replacer 228 replaces the hash value 115 with a randomly or pseudo-randomly generated number, an incremental index, a number selected in a round-robin manner, or a number that is based on some other information.
  • the hash bit replacer 228 replaces the hash value 115 with a number selected in a round-robin manner to generate a modified hash value 222 for providing packet-based load balancing.
  • the hash bit replacer 228 replaces the hash value 115 with a randomly or pseudo-randomly generated number to generate a modified hash value 222 for providing a uniform distribution.
  • the hash bit replacer 228 replaces the hash value 115 with an indication of a link that is transporting a least amount of data traffic to generate a modified hash value 222 for providing a near-perfect distribution of bytes. It is noted that by using the hash bit replacer 228 to modify the hash value 115 , in some embodiments, data units or packets arrive at their destination out of order, so a trade-off between stringent load balancing and maintenance of packet order occurs.
  • the hash value modifier 220 includes a sizer 230 .
  • the sizer 230 is configured to modify the hash value 115 by adjusting its length to form a modified hash value 222 for use by the client 130 .
  • the sizer 230 adjusts the size or length of the hash value 115 based on a size of the hash value 222 required by the client 130 . For example, if the client 130 is the egress interface table 160 of FIG.
  • the sizer 115 adjusts the length of the hash value 115 based on a total number of communication links included in the link aggregate group corresponding to the network device (e.g., ND 1 ) to form the modified hash value 222 .
  • the hash value 115 has a length of n bits and the client 130 requires a modified hash value between Z to y (inclusive, where Z is normally, but not necessarily, zero), where the range of modified hash values corresponds to a range corresponding to a total number of communication links.
  • the sizer 230 maps each of the possible 2 n values of the hash value 115 to modified hash values between Z and y, inclusive.
  • a traffic imbalance may occur when the ranges of modified hash values and the number of links are different.
  • the hash function 128 of the hash value generator 16 is configured to generate a hash value 115 to affect a more uniform distribution and to correct possible imbalances between ranges of modified hash values and numbers of links, in an embodiment.
  • the hash function 128 is configured to generate a hash value 115 that has a length long enough to provide a desired level of data unit traffic distribution across the number of links.
  • the sizer 230 may then be used to reduce the overall length of the hash value 115 to a length required by the client 130 (e.g., the sizer generates a modified hash value 222 that is shorter than the hash value 115 .)
  • the hash value modifier 220 includes a hash bit selector 225 , whose output is operated on by a hash bit replacer 228 , whose output is then, in turn, operated on by the sizer 230 , resulting in the modified hash value 222 that is provided to the client 130 .
  • the hash value modifier 220 one or more of the entities 225 , 228 , 230 are omitted. Additionally or alternatively, in some embodiments, the order of operation of entities 225 , 228 , and/or 230 on the hash value 115 is different than the embodiment illustrated in FIG. 5 .
  • the modified hash value 222 is generated by modifying the hash value 115 only by using the hash bit replacer 228 , in an embodiment; in another embodiment, the modified hash value 222 is generated by modifying the hash value 115 with both the hash bit selector 225 and the sizer 230 ; and in yet another embodiment, the initial key 105 is modified only by the hash bit selector 225 or only by the sizer 230 .
  • FIG. 6 is a flow diagram of an example method 250 for avoiding polarization in a communication network 10 , according to an embodiment.
  • the method 250 is implemented by the hash value generator 16 alone (see FIG. 2 ), or by the hash value generator 16 in cooperation with other components of the corresponding network device ND 1 -ND 6 (see FIG. 1 ), in some embodiments.
  • the method 250 operates in conjunction with the hash value modifier 220 of FIG. 5 , in an embodiment.
  • a data unit such as the data packet 40 is received at a certain port P R of the network device implementing the method 250 (e.g., the network device ND 1 ).
  • an initial key is determined based on information included in the received packet or data unit.
  • the initial key includes, in an embodiment, an indication of a source and of a destination of the data unit or packet.
  • a modified key is generated from the initial key, in an embodiment.
  • the modified key is a depolarized initial key, where the depolarized initial key is configured so that polarization of network traffic within the network 10 when the depolarized initial key is utilized is less than inter-switch polarization when the initial key is utilized.
  • Generating the depolarized initial key based on the initial key includes applying a bijective or an essentially bijective function to the initial key, in some embodiments.
  • the bijective or essentially bijective function is, for example, an addition or additive function, a remapping function, an exclusive-or (XOR) function, or any suitable bijective function, in various embodiments.
  • applying the bijective or essentially bijective function to the initial key includes adding bytes of a salt or seed to respective bytes of the initial key, in a byte-by-byte manner.
  • the salt or seed is a randomly or pseudo-randomly generated sequence of bits, in an embodiment, and in some embodiments, a length of the randomly or pseudo-randomly generated sequence of bits is equivalent to a length of the initial key.
  • each network device ND 1 -ND 6 included in the communications network 10 includes a different salt or seed that is unique within the communication network 10 .
  • a different depolarized initial key is generated (block 258 ) at each different network device included in the communication network 10 .
  • a first depolarized initial key is generated at a first network device ND 1
  • a different, second depolarized initial key is generated at a second network device ND 2 .
  • a hash value corresponding to the data unit or packet is determined based on the depolarized initial key, in an embodiment.
  • a hash function such as the hash function 128 operates on the depolarized initial key to produce a hash value.
  • each network device ND 1 -ND 6 of the communication network 10 includes the same, common hash function.
  • the hash value determined at the block 260 is further modified to avoid or decrease intra-switch polarization or polarization within the network device, in an embodiment.
  • the original hash value is modified to generate a modified hash value by selecting a subset of bits of the hash value.
  • the subset of selected bits is determined based on a type or identity of a client of the hash value, in an embodiment. For instance, an egress table client requires only eight bytes of a 70 byte long modified key, so eight bits of the hash value are selected to form a modified hash value.
  • mutually exclusive subsets of bits or bytes are mapped to respective clients or respective types of clients of the hash value.
  • block 262 is omitted.
  • a communication link via which the data unit or packet is to be egressed or transmitted from the network device is determined.
  • the communication link is determined based on a hash value determined at the block 260 (or based on a modified hash value determined at the block 262 , if optional block 262 is included).
  • a client of the (modified) hash value performs one or more functions, based on the (modified) hash value, that are executed within the network device to forward the data unit or packet.
  • the egress interface table 160 utilizes the (modified) hash value as an index to determine a particular virtual port, physical port or communication link via which the packet is to be transmitted.
  • the particular communication link or port is or corresponds to one of a plurality of communication links that are included in a link aggregate group corresponding to the network device, in an embodiment.
  • the packet is caused to be transmitted from the network device.
  • a data unit such as the data packet 40 is transmitted via a certain port P T of the network device implementing the method 250 (e.g., the network device ND 1 ), for example, over the particular communication link determined at block 265 .
  • FIG. 7 is a flow diagram of an example method 300 for load balancing traffic in a communication network 10 , according to an embodiment.
  • the method 300 is implemented by the hash value generator 16 alone (see FIG. 2 ), or by the hash value generator 16 in cooperation with other components of the corresponding network device ND 1 -ND 6 (see FIG. 1 ), in some embodiments.
  • the method 300 operates in conjunction with the hash value modifier 220 of FIG. 5 and/or in conjunction with the method 250 of FIG. 6 , in an embodiment.
  • a data unit such as the data packet 40 is received at a certain port P R of the network device implementing the method 300 (e.g., the network device ND 1 ).
  • an initial key is determined based on information included in the received packet or data unit.
  • the initial key includes, in an embodiment, an indication of a source and of a destination of the data unit or packet.
  • a modified key is generated from the initial key, in an embodiment.
  • the modified key is a load balancing key, where the load balancing key is configured so that traffic within the network 10 is more load balanced when the load balancing key is utilized as compared to when the initial key is utilized.
  • Generating the load balancing key 308 includes, in an embodiment, generating a symmetric key based on two fields of the initial key. In an embodiment, the two fields of the initial key correspond to an indication of the source of the packet and an indication of the destination of the packet.
  • the two fields of the initial key may correspond to an IP source address and an IP destination address, a MAC source address and a MAC destination address, a virtual source port identifier and a virtual destination port identifier, a physical source port identifier and a physical destination port identifier, etc.
  • a commutative function is applied to one of the two fields, and the result of the commutative function is populated into the respective field of the symmetric key, in an embodiment.
  • the other field of the symmetric key is populated with a constant (e.g., zero or some other suitable constant) or with a derivative of the result of the commutative function (e.g., a derivative of the content of the first field of the symmetric key), in an embodiment.
  • the commutative function is any suitable commutative function, such as an addition function, a multiplication function, or the like.
  • a common hash value is determined at block 310 irrespective of the ordering of the two field of the initial key, in an embodiment. That is, a common hash value is determined irrespective of the direction in which a packet is traveling. In some cases, a hash function such as the hash function 128 operates on the load balancing key to produce the common hash value. In an embodiment, each network device ND 1 -ND 6 of the communication network 10 includes the same, common hash function.
  • the hash value determined at the block 310 is further modified to generate a modified hash value that, in turn, effects intra-switch load balancing or load balancing within the network device itself.
  • the original hash value is re-sized to a different length based on the requirements of a client of the hash value. For example, if the client is the egress interface table 160 of FIG. 4 , the length of the original hash value is adjusted based on a total number of communication links included in the link aggregate group corresponding to the network device (e.g., ND 1 ) to form a modified hash value that is sized.
  • each of the possible 2 n values of the original hash value is mapped to a load balancing hash value between Z and y.
  • the length of the sized, modified hash value generated at the block 312 is less than a length of the original hash value generated at the block 310 .
  • block 312 is omitted.
  • a communication link over which the data unit or packet is to be transmitted from the network device is determined.
  • the communication link is determined based on the original hash value determined at the block 310 (or based on the modified hash value determined at the block 312 , if optional block 312 is included).
  • a client of the (modified) hash value performs one or more functions, based on the (modified) hash value, that are executed within the network device to forward or analyze the data unit or packet.
  • the egress interface table 160 utilizes the (modified) hash value as an index to determine a particular communication link or port (e.g., virtual or physical port) via which the packet is to be transmitted.
  • the particular communication link may be one of a plurality of communication links that are included in a link aggregate group corresponding to the network device, in an embodiment.
  • the data unit or packet is caused to be egressed or transmitted from the network device.
  • a data unit such as the data packet 40 is transmitted via a certain port P T of the network device implementing the method 300 (e.g., the network device ND 1 ).
  • the packet is transmitted from a network interface of the network device over the particular communication link determined at the block 315 .
  • Techniques described herein are utilized in a network device that utilizes virtual port techniques, in an embodiment.
  • An example of a network device utilizing virtual port techniques is disclosed in U.S. patent application Ser. No. 12/030,822, entitled “Logical Bridging System and Method,” filed on Feb. 13, 2008, now U.S. Pat. No. 7,796,594, the entire disclosure of which is hereby expressly incorporated by reference herein.
  • Another example of a network device utilizing virtual port techniques is disclosed in U.S. patent application Ser. No. 12/938,116, entitled “Switching Apparatus and Method Based on Virtual Interfaces,” and filed on Nov. 2, 2010, the entire disclosure of which is hereby expressly incorporated by reference herein.
  • a network device typically utilizes a different number of virtual ports than a number of physical ports, and the network device is configured to perform a mapping between virtual ports and physical ports. For example, in one example network device utilizing virtual port techniques, indications of the physical ports via which packets ingress the network device are mapped to virtual ports.
  • a packet processor is configured to process packets with respect to virtual ports. For example, the packet processor determines one or more virtual ports to which a packet is to be forwarded. The determined one or more virtual ports are mapped to one or more physical ports, and the packet is transmitted via the determined one or more physical ports.
  • FIG. 8 is a block diagram of an example network device 350 that utilizes virtual ports and that implements at least some of the load balancing techniques described herein, according to an embodiment.
  • the network device 350 is included in the communication network 10 of FIG. 1 , in an embodiment.
  • one or more of network devices ND 1 -ND 6 of FIG. 1 includes the network device 350 of FIG. 8 , in an embodiment.
  • the network device 350 includes a mapper 352 configured to map physical ports to virtual ports, and vice versa.
  • the mapper 352 maps a physical port via which a data unit 102 is received to a virtual port.
  • a packet processor 354 processes packets with respect to virtual ports. For example, the packet processor 354 may determine one or more virtual ports to which a packet is to be forwarded.
  • the packet processor 354 includes a hash value generator 355 .
  • the hash value generator 355 is an embodiment of the hash value generator 16 of FIG. 2 .
  • the hash value generator 355 operates on the data unit 102 , and generates a hash value 358 , in an embodiment.
  • the hash value 358 is an embodiment of the hash value 115 of FIG. 2 .
  • the hash value 115 is generated based on an indication of a virtual source port corresponding to a physical port via which the data unit 102 was received.
  • the generated hash value 358 is utilized with respect to lookups in an egress table 360 , in an embodiment.
  • the egress table 360 is an embodiment of the client 130 of FIG. 2 or the egress table 160 of FIG. 4 .
  • the egress table 360 includes entries storing indications of virtual destination ports, in an embodiment, and the hash value 358 is used to determine a particular entry of the egress table 360 to identify a particular virtual port 362 to which the data unit 102 is to be forwarded.
  • the hash value 358 is used to determine an index into the egress table 360 to determine the particular virtual port, in a manner similar to that as previously discussed with respect to FIG. 4 .
  • An indication of the particular virtual destination port 362 determined based on the egress table 360 is provided to the mapper 352 , in an embodiment.
  • the mapper 352 maps the virtual destination port 362 to a corresponding physical destination port, in an embodiment.
  • the network device 350 causes the data unit or packet to be transmitted from the network device 350 via the corresponding physical destination port, in an embodiment. As such, a load of traffic across a set of virtual and/or physical destination ports is more uniformly balanced in the network device 350 , in an embodiment.
  • FIG. 9 is a flow diagram of an example method 400 for load balancing traffic in a network device, according to an embodiment.
  • the method 400 is implemented by the network device 350 of FIG. 8 .
  • the method 400 operates in conjunction with the hash value generator 16 of FIG. 2 , the hash value modifier 220 of FIG. 5 , the method 250 of FIG. 6 , and/or the method 300 of FIG. 7 , in some embodiments.
  • a data unit such as the data packet 40 is received at a certain port P R of the network device having virtual ports (e.g., the network device 350 or another suitable network device).
  • the certain port P R is a physical port, and the physical port is then mapped to a corresponding virtual port, according to an embodiment.
  • an initial key is determined based on information included in the packet or data unit. In some embodiments and/or scenarios, the initial key is determined based on an indication of a virtual source port corresponding to the certain physical port P R via which the data unit was received.
  • a modified key is generated from the initial key.
  • the modified key is generated such that the modified key is depolarized (such as previously described with respect to FIG. 6 ), and/or such that the modified key is symmetric (such as previously described with respect to FIG. 7 ).
  • a hash value is determined based on the modified key.
  • the hash value is generated based on applying a hash function such as the hash function 128 to the modified key, in an embodiment.
  • each network device ND 1 -ND 6 of the communication network 10 applies the same, common hash function.
  • the hash value determined at the block 410 is further modified to generate a modified hash value that, in turn, affects intra-switch load balancing or load balancing within the network device itself.
  • the original hash value is re-sized to a different length based on requirements of a client of the hash value.
  • the hash value is re-sized based on the egress table 360 .
  • block 412 is omitted.
  • a virtual destination port corresponding to the data unit or packet is determined.
  • the virtual destination port is determined based on the original hash value determined at the block 410 (or based on the modified hash value determined at the block 412 , if block 412 is included).
  • a client of the (modified) hash value performs one or more functions, based on the (modified) hash value.
  • the one or more functions performed by the client are functions executed within the network device to forward or analyze the data unit or packet.
  • the client performs a look up in an egress interface table such as the egress interface table 360 .
  • the (modified) hash value is utilized as an index to determine a particular entry of the table 360 whose contents indicate the virtual destination port.
  • a particular physical destination port corresponding to the particular virtual destination port is determined.
  • the particular physical destination port may be determined from a mapping between physical ports and virtual ports of the network device.
  • the data unit or packet is caused to be egressed or transmitted from the network device via the particular physical destination port determined at block 420 .
  • a data unit such as the data packet 40 is transmitted via a certain port P T of the network device implementing the method 400 (e.g., the network device 350 or some other suitable network device).
  • At least some of the various blocks, operations, and techniques described above may be implemented utilizing hardware, a processor executing firmware instructions, a processor executing software instructions, or any combination thereof.
  • the software or firmware instructions may be stored in any computer readable memory such as on a magnetic disk, an optical disk, or other storage medium, in a RAM or ROM or flash memory, processor, hard disk drive, optical disk drive, tape drive, etc.
  • the software or firmware instructions may include machine readable instructions that, when executed by the processor, cause the processor to perform various acts.
  • the hardware may comprise one or more of discrete components, an integrated circuit, an application-specific integrated circuit (ASIC), a programmable logic device (PLD), etc.
  • ASIC application-specific integrated circuit
  • PLD programmable logic device

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Security & Cryptography (AREA)
  • Power Engineering (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

Techniques to load balance traffic in a communication network include a network switch or device having an interface to receive a data unit or packet. The network device includes a hash value generator configured to generate a symmetric key from an initial key that is based on the packet, and configured to generate a hash value based on the symmetric key and the packet. The hash value may be optionally modified to load balance egress traffic of the network device. The network device selects an egress link or port, such as by determining an index into an egress table based on the (modified) hash value. The techniques described herein allow packets or data units of a particular flow to travel in both directions along a same path through the communication network.

Description

CROSS REFERENCE TO RELATED APPLICATION
This application claims benefit of U.S. Provisional Patent App. No. 61/418,362, entitled “Load Balancing Hash Computation for Networks,” and filed on Nov. 30, 2010, the entire disclosure of which is hereby expressly incorporated by reference herein.
This application is related to U.S. patent application Ser. No. 12/537,078, entitled “Hash Computation for Network Switches,” and filed on Aug. 6, 2009, the entire disclosure of which is hereby expressly incorporated by reference herein.
FIELD OF TECHNOLOGY
The present disclosure relates generally to communication systems and, more particularly, to computing hash values for data units at a computing or network device.
BACKGROUND
Today, hash functions are widely used in a variety of computing applications to map data in a larger set to a value in a smaller set. For example, a relatively long sequence of bits may be supplied as an input into a mathematical function to generate a shorter sequence of bits that serves as an index into a database table.
One area of application in which hashing can be particularly useful is network switching. In general, a network switch may receive and transmit data packets via multiple ports. In some situations, there may be more than one possible network link via which a packet can be transmitted to properly forward the data packet to its destination. Moreover, network links sometimes are purposefully aggregated to provide more bandwidth between communicating devices or networks. Grouping links together to define wider communication channels is known as link aggregation (LAG). In those situations where multiple links present equally attractive routing choices to a network switch, the routing technique is typically referred to as equal-cost multi-path (ECMP) routing.
SUMMARY OF THE DISCLOSURE
Embodiments of a method for load balancing traffic in a communication network include receiving a data unit or packet at a network device included in the communication network, where the network device is associated with a link aggregate group included in the communication network. The method further includes determining an initial key based on information included in the data unit, generating a symmetric key based on a first field of the initial key and a second field of the initial key, and applying a hash function to the symmetric key to generate a hash value. Additionally, the method includes determining, based on the hash value, a communication link in the link aggregate group; and causing the data unit to be transmitted over the communication link.
Embodiments of a network device for load balancing traffic in a communication network include a network interface configured to receive a data unit and a hash value generator configured to generate a hash value based on the data unit. The hash value generator includes a symmetric key generator configured to generate a symmetric key based on a source field of an initial key and on a destination field of the initial key, where the initial key is based on at least a portion of data included in the data unit. The hash value generator further includes a hash function to generate the hash value based on the symmetric key. Additionally, the network device includes a link selector configured to select, based on the hash value, a communication link to egress the data unit from the network device.
Embodiments of a network device for load balancing traffic in a communication network include a network interface to receive a data unit and a hash value generator to generate a hash value based on the data unit. The hash value generator includes a symmetric key generator configured to generate a symmetric key based on the data unit and a hash function configured to generate the hash value based on the symmetric key. The symmetric key is configured to cause a common hash value to be generated by the hash function for different sequences of a first field corresponding to the data unit and a second field corresponding to the data unit. Additionally, the network device includes a link selector to select, based on the hash value, a communication link to egress the data unit from the network device.
BRIEF DESCRIPTION OF THE DRAWINGS
FIG. 1 is a block diagram of a communication network in which network devices apply hash computation techniques discussed herein, according to an embodiment.
FIG. 2 is a block diagram of an example hash value generator which is implemented in the network devices of FIG. 1, according to an embodiment.
FIGS. 3A and 3B are block diagrams that illustrate an example of a remapping function or table that is included in the hash value generator of FIG. 2, according to an embodiment.
FIG. 4 is block diagram that illustrates an example application of a hash value generated by the hash value generator of FIG. 2, according to an embodiment.
FIG. 5 is a block diagram of an example hash value modifier which is implemented in the network devices of FIG. 1, according to an embodiment.
FIG. 6 is a flow diagram of an example method for avoiding polarization in a communication network that is implemented by one or several network devices of FIG. 1, according to an embodiment.
FIG. 7 is a flow diagram of an example method for load balancing traffic in a communication network that is implemented by one or several network devices of FIG. 1, according to an embodiment.
FIG. 8 includes a block diagram of an example network switch or device having virtual ports and configured to load-balance across a set of virtual ports of the network device.
FIG. 9 is a flow diagram of an example method for load balancing traffic in a network device that is implemented by one or several network devices of FIG. 1 or of FIG. 8, according to an embodiment.
DETAILED DESCRIPTION
FIG. 1 is a block diagram of an example communication network 10 in which several network devices ND1, ND2, . . . , ND6 process data flows between an external network 12 and an internal network 14, according to an embodiment. The network 10 utilizes multi-path load-balancing as will be discussed below. The network devices ND1-ND6 may be of the same or different types, and include workgroup switches, other types of switches, routers, or any other suitable devices having data processing capability, in various embodiments. Each of the network devices ND1-ND6 includes a respective hash value generator 16 a-16 f that implements at least some of the techniques discussed below, in an embodiment.
In operation, the network device ND1 receives data units (such as packets or frames) traveling from the external network 12 to the internal communication network 14 via communication links 18, 20, and 22 at respective ports P1, P2, and P3 (generally referred to herein as “receive ports” or “source ports” PR). The network device ND1 forwards the received data units to the network devices ND2 or ND3 via the corresponding ports P4, P5, and P6 (generally referred to herein as “transmit ports” or “destination ports” PT) and, ultimately, respective communication links 24, 26, and 28. The network device ND1 thus has a receive interface (also referred to as a “receive network interface”) to which the communication links 18, 20, and 22 are coupled, and a transmit interface (also referred to as a “transmit network interface”) coupled to the communication links 24, 26, and 28. The routing configuration of the load-balancing network 10, in some scenarios, is such that the network device ND1 selects one of the ports of P4, P5, or P6 to properly direct a data packet toward its destination in the internal network 14. However, because each of the communication links 24-28 has limited bandwidth, the network device ND1 applies load-balancing techniques to distribute the received packets among the appropriate ones of the links 24-28. In other words, the network device ND1 selects one of the ports corresponding to an appropriate link. To this end, the network device ND1 utilizes the hash value generator 16 a to generate an efficient hash value using parameters specific to the network device ND1, in an embodiment. The hash value is applied to a link selector to select a communication link in a link aggregate group (e.g., links 24, 26, 28) along which the data packet is to travel. Some techniques often produce intra-switch polarization, or “favoring” of a particular link in a group of suitable links for certain types of packets. Further, when multiple network switches operate as respective hops in a load-balancing network, the same load balancing decision may be made at each hop, thus producing inter-switch polarization, or a favoring of a particular path through the load-balancing network. At least some embodiments of the hash value generator 16 a avoid link polarization and/or inter-switch polarization and improve the overall distribution balance of data packets among communication links thereby increasing network bandwidth and reducing latency.
Although FIG. 1 illustrates a particular embodiment of the network devices ND1-ND6, each of these the network devices ND1-ND6 includes any suitable number of ports, and at least some of the network devices ND1-ND6 have different numbers of ports. In some embodiments, configurations, and/or scenarios, some or all of the network devices ND1-ND6 perform protocol translation for some of the packets by removing and/or adding protocol headers at one or several protocol layers of a corresponding communication protocol stack.
The links 18-22 correspond to different physical communication channels such as network cables, wireless bands, etc., or logical channels such as timeslots of a digital signal 1 (DS1) line, to take one example, in various embodiments. Similarly, ports P1-P3 correspond to physical or logical resources of the network device ND1, in various embodiments. As illustrated in FIG. 1, the link 18 carries one or more data flows 30-34. Typically but not necessarily, each of the data flows 30-34 is a bidirectional flow including data traveling from the network 12 to the network 14, or inbound data, and data traveling to the network 12 from the network 14, or outbound data. The links 20 and 22 also carry one or several data flows, in an embodiment. Some of the data flows 30-34 are associated with more than one of the links 18-22, in an embodiment.
In some embodiments and/or scenarios, the data flows 30-34 are associated with different communication protocols such as Transmission Control Protocol (TCP) layered over Internet Protocol (IP) (hereinafter, “TCP/IP”), User Datagram Protocol (UDP) layered over IP (hereinafter, “UDP/IP”), File Transfer Protocol (FTP), Hypertext Transfer Protocol (HTTP), etc. For example, the data flow 30 corresponds to FTP, the data flow 32 corresponds to Telnet, and the data flow 34 corresponds to HTTP, in one scenario. Further, some of the data flows 30-34 correspond to different sessions associated with the same communication protocol, in some scenarios. A typical network link also includes Simple Mail Transfer Protocol (SMTP), Structured Query Language (SQL), and several additional data flows associated with e-mailing, web browsing, database applications, remote login, and other application types. An operator can configure the network devices ND1-ND6 to process and route data flows on other layers of various protocol stacks.
In some scenarios, each of the data flows 30-34 includes multiple streams, sessions, or connections corresponding to various communication protocol layers. It is noted that some protocols, such as TCP, are connection-oriented while others, such as UDP, are connectionless. In one example scenario, an outside host on the network 12 connects to a local host on the network 14 by establishing a TCP connection having a particular address and port combination on both ends. This connection is identifiable by the TCP header specifying, in part, the address of the outside host, the address of the local host, the port on the outside host, and the port on the local host. An individual TCP/IP packet carries a certain quantum or chunk of information associated with the same connection, or communication session. On the other hand, in another example scenario, a pair of hosts uses the UDP protocol to exchange individual messages, or datagrams, without establishing a connection. Thus, in some scenarios, each of the data flows 30-34 includes one or more streams such as TCP streams including multiple packets associated with a single data exchange or single packets conveying individual messages in their entirety. In the examples discussed below, a data stream generally refers to a unidirectional or bidirectional data exchange between two or more hosts including one or more data units such as data packets or frames.
With continued reference to FIG. 1, an example data packet 40 belongs to the TCP/IP flow 34, as an example, and travels in the inbound direction relative to the internal network 14. The data packet 40 includes a header 42 and a payload 44. In general, the header 42 corresponds to one or more layers of the protocol stack and, in some cases, identifies the corresponding packet as belonging to a particular connection-oriented or connectionless data stream. In the examples below, the header 42 refers to all information that precedes the payload on the transport layer, i.e., layer four (L4) in the Open System Interconnection (OSI) seven-layer model. However, if desired, the header 42 includes all headers up to and including the application-layer header or, conversely, includes less than the headers of the layer two (L2), layer 3 (L3), and L4 of the OSI model, in various embodiments.
In general, data packets traveling through the load-balancing network 10 have a suitable desired length consistent with the corresponding protocol (e.g., TCP/IP in the case of the data packet 40). Further, the length of the data packet 40 is operator-configurable to accommodate the particular requirements of the network devices ND1-ND6, in some embodiments. In some embodiments, the network devices ND1-ND6 operate on protocols or protocol layers which do not define packets of a particular length. In this sense, an individual packet is any logical designation of a grouping or quantum of data. In some embodiments, the term “packet” or “data unit” refer simply to a grouping of data on a particular stream for the purpose of generating a hash value by one of the network devices ND1-ND6. On the other hand, in other embodiments, each of these terms refers to a grouping of data included in two or more frames of a communication protocol. For example, a single data packet includes multiple TCP frames in one embodiment.
Next, FIG. 2 is a block diagram of an example high-level architecture of each of the hash value generators 16 a-16 f. For clarity of discussion, the discussion herein refers to generally to a hash value generator “16,” although the principles and techniques apply to any of the hash value generators 16 a-16 f of FIG. 1, or to other suitable hash value generators. Generally, in an embodiment, the architecture of each of the hash value generators 16 a-16 f is in accordance with the hash value generator 16 of FIG. 2. However, in some embodiments, one or more of the hash value generators 16 a-16 f differs from other hash value generators in the communication network 10. For example, in an embodiment, a particular hash value generator omits one or more blocks shown in FIG. 2, or one or more parameters utilized by different hash value generators 16 a-16 f are unique within the network 100. Generally with respect to FIG. 2, some of the components of the hash value generator 16 are implemented using hardware, microcode, software instructions executed by a processor, firmware instructions executed by a processor, or combinations thereof. In an embodiment, the hash value generator 16 is implemented on an application-specific integrated circuit (ASIC) included on a printed circuit board card device having an interface compatible with Peripheral Component Interconnect (PCI) or similar standard.
Referring to FIG. 2, the hash value generator 16 is configured to determine, based on a data unit or packet 102, a key 110 that is used to determine a hash value 115, in an embodiment. The hash value generator 16 configures the key 110 to affect load balancing and/or to decrease polarization both within the network device itself (e.g., “intra-switch” or “intra-device”) and within the communication network 10 (e.g., “inter-switch” or “inter-device”), in an embodiment.
In an embodiment, the hash value generator 16 includes an initial key generator 100 that operates on a received data unit or packet 102. During operation, the initial key generator operates on NB input bytes (or “input data”) of the received data unit or packet 102 to generate an initial key 105 of length NB. The initial key 105 includes a string of bytes included in the data unit or packet 102, and, in some embodiments, the initial key 105 includes additional information such as an identification of a source port via which the data unit or packet 102 ingressed into the network device. In some embodiments, a length of the string, e.g., (NB) is equal to 70 bytes of information. In other embodiments, however, other suitable values of NB are utilized. The initial key 105 includes a source field whose contents correspond to a source from which the data unit or packet 102 was received, and a destination field whose contents correspond to a destination to which the data unit or packet 102 is to be transmitted, in an embodiment. The source and destination fields refer to any suitable source and destination, and have any suitable format, e.g., source and destination IP (Internet Protocol) address fields, source and destination MAC (media access control) address fields, source and destination virtual port identifications, source and destination physical port identifications, etc.
The hash value generator 16 includes an initial key modifier 108, in an embodiment. Generally, the initial key modifier 108 modifies the initial key 105 in a known manner to generate a modified key 110 that enables the hash value generator 16 to generate depolarized and/or load balanced traffic across the communication network 10 and/or across a particular network device ND1-ND6. As such, the modified key 110 may be interchangeably referred to herein as a depolarized initial key. In an embodiment, at each particular network device ND1-ND6, the initial key modifier 108 introduces a consistent modification to the initial key 105, so that teach initial key 105 is consistently modified at a given device ND1-ND6. In this embodiment, each device ND1-ND6 has a different consistent modification introduced by the initial key modifier 108.
In an embodiment, the initial key modifier 108 includes a symmetric key changer 112, also referred to herein as a “symmetric key generator.” The symmetric key changer 112 is configured to modify the initial key 105 to produce a modified key 110 so that a common hash value is produced at a particular network device for the particular initial key 105 for both directions of traffic. That is, for a given initial key 105, a packet addressed to travel between network devices ND1 and ND5, a same common hash value is generated whether ND1 is the source of the packet or ND1 is the destination of the packet. Accordingly, in an embodiment where all network devices ND1-ND6 in a communication network 10 each include a symmetric key changer 112, packets of a particular flow (e.g., flows 30-34) travel along a same path throughout the network 100. In an embodiment, all packets of a particular flow travel in both directions along the same path throughout the network 100. In this manner, traffic between network devices ND1-ND6 is load balanced across the communication network 10.
The symmetric key changer or generator 112 modifies two different fields of the initial key 105 based on a commutative function, in an embodiment, to produce a modified key 110 that includes two corresponding symmetric key fields. The symmetric key fields allow a common hash value to be generated irrespective of the order of the two different initial key fields, in an embodiment. In an example embodiment, the two symmetric fields generated from the two initial fields correspond to the expressions:
symmetric_field_one=commutative_operation (initial_field_one, initial_field_two)  (1)
symmetric_field_two=constant or (derivative of symmetric_field_one)  (2)
The new symmetric fields (e.g., symmetric_field_one and symmetric_field_two) are included in a modified key 110, and the modified key 110 is provided as an input to a hash value determiner 108 to generate a corresponding hash value 115, in an embodiment. Due to the symmetry of the fields of the modified key 110, the resulting hash value 115 generated by the hash value determiner 108 is a common hash value for both directions of traffic of the same flow, e.g., for packets having a same initial key 105. The common hash value is used by the network device to select a link over which the data unit or packet 102 is to be transmitted or forwarded, thus resulting in symmetrical loading throughout the network 10 irrespective of the order of the initial fields.
In an embodiment, the symmetric key changer or generator 112 modifies an initial source field and an initial destination field to produce modified, symmetric source and destination fields according to the expressions:
symmetric_source_field=(initial_source_field+initial_destination_field)  (3)
symmetric_destination_field=0  (4)
In this embodiment, the commutative function is an addition or additive function, although in other embodiments, other commutative functions (e.g., multiplication, etc.) may be used by the symmetric key changer 112. Similarly, in this embodiment, the symmetric_destination_field is set to zero, while in other embodiments, the symmetric_destination_field is set to any suitable constant value, or to a derivative of the symmetric_source_field. In this embodiment, the initial source and destination fields are effectively independent of any particular OSI layer, and as such, the initial source and destination fields may correspond to any suitable addressing or identification scheme, such as IP addresses, MAC addresses, virtual port identifiers, physical port identifiers, etc.
The inclusion of a symmetric key changer or generator 112 in the hash value generator 16 provides for symmetrical latency throughout a communication network 10, and thus increases the predictability of traffic flow for load balancing, in some embodiments. Additionally, the symmetric key changer 112 allows traffic to be intercepted at a network device using a single tap (e.g., a monitoring tap), as well as provides for easier traffic analysis and deep packet inspection, in some embodiments.
In an embodiment, the hash value generator 16 includes a field selector 118. The field selector 118 determines a subset of the bits or bytes of the data unit 102 based on a hash mask 120, in an embodiment. For example, the field selector 118 masks the input bytes that are unselected by the hash mask 120, i.e., zeroes-out the unselected bytes or replaces these bytes with a predefined value to generate a modified key 110. As an illustrative example, the data unit or packet 102 includes, in the first several positions, the bytes 0xA3 0xD4 0x36 0xF3 0x55 . . . (where “0x” denotes hexadecimal representation), the hash mask 120 begins with the bits 11001 . . . , and the field selector 118 accordingly outputs 0xA3 0xD4 0x00 0x00 0x55. In this manner, the mask 120 selectively turns on or off individual bytes in the NB input bytes of the data unit 102, and thus controls which fields (e.g., fields in the header 42, fields associated with certain parameters of the device (e.g., device ND1, etc.) are used in generating a hash value. In an embodiment, the hash mask 120 is selected based on a type of the packet, e.g., MPLS (Multiprotocol Label Switching), IPv4 (Internet Protocol version 4), IPv6 (Internet Protocol version 6), etc.
In an embodiment, the hash value generator 16 includes a polarization avoidance unit 122 that operates on the initial key 105. The polarization avoidance unit 122 includes a depolarized key generator, in an embodiment, that forms the modified key 110 based on the initial key 105. Generally, for a given network device, the polarization avoidance unit 122 is configured to allow the network device to generate a same, common hash value for all packets of a particular flow (e.g., one of flows 30-34 of FIG. 1). A different hash value is generated for the particular flow at another network device, and still different hash values are generated for different flows at the given device and at other network devices within the communication network 10. In an embodiment, the modified key 110 generated by the polarization avoidance unit 122 causes the hash value determiner 108 to generate a hash value 115 so that inter-switch traffic polarization is avoided. As such, the modified key 110 may be interchangeably referred to herein as a “depolarized initial key” or a “depolarized key.” The depolarized key 110 is generated by applying a depolarizing function or depolarizer 125 to the initial key 105 or to selected field of the initial key 105, for example. In an embodiment, the depolarizing function of depolarizer 125 is a common depolarizer for packets or data units having a same set of parameter values (e.g., a same source field and a same destination field).
The depolarizing function or depolarizer 125 is an essentially bijective function, in an embodiment. It is noted that a bijective function is a function ƒ from a set X to a set Y with the property that, for every y in Y, there is exactly one x in X such that ƒ(x)=y. For example, the depolarizing function 125 is an exclusive-or (XOR) function, a remapping function, an additive function such as a unique salt or seed, etc. In this embodiment, due to the bijective nature of the depolarization function or depolarizer 125, a different hash value 115 is produced by each network device ND1-ND6 for a given data unit or packet 102. Within the communication network 10, each hash value 115 has a reasonable probability of being essentially or functionally unique. As such, inter-switch or inter-device polarization of network traffic is avoided within the communication network 10, in an embodiment.
In an embodiment, the depolarization function or depolarizer 125 of the polarization avoidance entity 122 is based on a bijective remapping table or function 200, such as illustrated in FIGS. 3A and 3B. In FIG. 3A, the table or function 200 remaps each byte 202 a-202 n of the input 202 (e.g., of the initial key 105) to a unique byte 205 a-205 n of the output 205. In this embodiment, the output 205 of the remapping table or function 200 is a permutation of the input 202 and includes all values of the input 202. As the table 200 is bijective, a one-to-one mapping exists between input values 202 and output values 205. The one-to-one mapping is randomly or pseudo-randomly generated, in an embodiment. An illustration of a remapping of an example input bit stream 210 to an example output bit stream 212 based on the table 200 is illustrated in FIG. 3B.
In another embodiment, the depolarization function or depolarizer 125 is a salt or seed that is combined with the initial key 105. In this embodiment, the salt or seed is a series of bits that is unique, within the communication network 10, to a particular network device. That is, each network device ND1-ND6 within the communication network 10 includes a respective unique salt or seed used by its respective hash value generator 16 a-16 f. In some embodiments, each salt in the network 10 is randomly generated or pseudo-randomly generated. In some embodiments, the salt or seed is user-configurable. The salt or seed may be any number of bits, and may be combined with the initial key 105 in any manner, such as by appending the salt to the initial key 105, by pre-pending the salt to the initial key 105, or by interleaving bits or bytes of the salt within bits or bytes of the initial key 105. In some embodiments, combining the salt with the initial key 105 is an essentially bijective function, e.g., the combination of the salt and the initial key 105 is bijective for all bits except for a subset of bits, such as the last bits.
In an embodiment, a salt includes a same number of bytes as the initial key 105, and the salt is byte-wise added to the initial key 105 to form a depolarized key 110 according to the expression:
depolarized_key[i]=initial_key[i]+salt[i]  (5)
where i denotes a particular byte. In this embodiment, as each network device ND1-ND6 within the communication network 10 includes a unique salt or seed, each network device ND1-ND6 generates a different depolarized key for packets having a same initial key 105. Consequently, as the different depolarized keys are used to determine transmit ports or communication links at each network device ND1-ND6, different transmit ports or communications links are selected across the network for packets having a same initial key 105, resulting in the depolarization of network traffic.
Turning back to FIG. 2, in the illustrated embodiment, the initial key modifier 108 includes a symmetric changer 112 whose output is masked by a field selector 118, whose output is then depolarized by the polarization avoidance unit 122, resulting in the modified key 110 that is input to the hash value determiner 108. However, in other embodiments of the hash value generator 16, one or more of the entities 112, 118 and 122 is omitted. Additionally or alternatively, the order of operation of entities 112, 118 and 122 as applied to the initial key 105 is different than as illustrated in FIG. 2, in some embodiments. In one example, the modified key 110 is generated by modifying the initial key 105 with only the symmetric changer 112; in another example, the modified key 110 is generated by modifying the initial key 105 by both the field selector 118 and the polarization avoidance entity 122; and in yet another example, the initial key 105 is modified only by the polarization avoidance unit 122. To optimize load balancing and depolarization within the communication network 10, though, the hash value generator 16 a-16 f of each network device ND1-ND6 of the communication network 10 includes the same entity or the same set of entities selected from entities 112, 118 and 122, although such uniformity is not necessary.
The hash value determiner 108 operates on the modified key 110 and generates a hash value 115 based on a hash function 128, in an embodiment. In an embodiment, the hash function 128 applied to the modified key 110 is a same, common hash function 128 at each device ND1-ND6. Typically, the hash value 115 generated by the hash function 128 is shorter in length than the length of the modified key 115. The hash value is provided to a client 130 for use in processing or forwarding data units or packets, in an embodiment. The client 130 is included on the network device, in an embodiment, and the client 130 may be included on a same solid state device or a different solid state device as the hash value generator 16. Examples of types of clients 130 of the hash value 115 include, for example, routers, trunks, trunk members, layer 2 ECMP, egress tables, ingress tables, TCAMs (ternary content addressable memories), and the like.
In an embodiment, as previously discussed, the hash value 115 is used by the client 130 to select a communication link over which to transmit the data unit 102. As such, the hash value 115 is configured to effect the selection of communication links to balance traffic loads and to avoid polarization within the network 10, in some embodiments. In an embodiment, the hash function 128 is configured to generate a hash value 115 that is sufficiently long enough to avoid overlap among fields so as to provide a uniform distribution of traffic or a desired level of sufficient uniformity of traffic distribution across communication links, thereby avoiding network device polarization. In an embodiment, the hash function 128 includes a cyclic redundancy check (CRC) generator, such as a CRC32 generator that outputs a hash value 115 having a length of 32 bits.
As schematically illustrated in FIG. 4, the client 130 is an egress interface table 160 and the hash value 115 generated by the hash value generator 16 is used as an index into the egress interface table 160, in an embodiment. Referring again to FIG. 1, the network device ND1 determines, based on the header 42, the ingress port at which the data packet 40 is received, or using any other suitable information, that the data packet 40 belongs to a link aggregate group g having/members (i.e., links). Referring again to FIG. 4, a selector 162 of the network device ND1, applies a function to the hash value 115 to generate an index into the table 160. In an embodiment, the function applied to the hash value 115 is:
index=(hash value)*l/(2n),  (6)
although other suitable functions may be applied to the hash value 115. The network device ND1 then uses the generated index to select an entry in the egress interface table 160 at row g which specifies a link on which the data packet 40 is to be propagated, in an embodiment.
In other embodiments, an entry of the egress interface table 160 specifies a particular virtual destination port. In these embodiments, the network device ND1 determines that the data packet 40 is to be forwarded to a group of virtual ports having v members, and the selector 162 applies a function to the hash index 115 based on the number of virtual ports v to generate an index into the table 160. The network device ND1 then uses the generated index to select an entry in the egress table 160 at row v which specifies a virtual destination port for the data packet 40. The virtual ports are then mapped to one or more physical ports, and the data packet 40 is egressed via the one or more physical ports. Virtual port techniques are discussed in more detail below.
While the egress interface table 160 is one example of a client of the hash value 115, the network device ND1 includes one or more other clients of the hash value 115, in some embodiments. A “client” of the hash value 115, as referred to herein, is an entity or function within a network device (e.g., network device ND1) that uses the hash value 115 to perform one or more functions to process, forward, or analyze the data unit or packet. For example, as discussed above, the egress interface table 160 uses the hash value 115 to determine an index to select a link. Other clients of the hash value 115 include a DRAM member selector, a router engine, a layer two Equal Cost Multipath (ECMP) determiner, a trunk, a trunk member, or some other entity included in the network device ND1, in various embodiments. Generally, the hash function 128 is configured to generate a hash value 115 that has a length that is long enough to service all clients of the hash value 115 within the network device.
In some embodiments, the hash value 115 is modified to affect load balancing and/or depolarization of traffic (e.g., “intra-switch” load balancing and/or “intra-switch” depolarization). FIG. 5 depicts a hash value modifier 220 that is configured to determine, based on a hash value 115, a modified hash value 222 that is utilized by the client 130 of FIG. 2. The hash value modifier 220 generates a modified hash value 222 to affect intra-switch load balancing and/or intra-switch depolarization, in an embodiment. Generally with respect to FIG. 5, some of the components of the hash value modifier 220 are implemented using hardware, microcode, software instructions executed by a processor, firmware instructions executed by a processor, or combinations thereof. In an embodiment, the hash value modifier 220 is implemented in an Application Specific Integrated Circuit (ASIC) included on a printed circuit board. The hash value modifier 220 and the hash value generator 16 are included in a same ASIC or solid state device configured as a packet processor, in an embodiment, and in another embodiment, the hash value modifier 220 and the hash value generator 16 are included in different ASICs or solid state devices.
Referring to FIG. 5, the hash value modifier 220 includes a hash bit selector 225. The hash bit selector 225 is configured to select, based on an identity or a type of the client 130, a subset of bits of the hash value 115 to be included in the modified hash value 222, in an embodiment. In an example embodiment, different, mutually exclusive subsets of bits are selected by the hash bit selector 220 for different clients or different types of clients included in a network device (e.g., ND1) so that different modified keys are provided to different clients, even though each of the different modified keys is based on a common, original hash value 115. In some embodiments, a client 130 pads its respective subset of bits by pre-pending, appending or interleaving a desired number of zeros, a desired number of ones, or a predetermined combination of ones and zeros. With the hash bit selector 220, as different clients of the hash value 115 use their respective modified keys to select an output port or communication link, traffic is distributed across the link aggregate group (and, therefore, output ports corresponding thereto) for all clients of the hash value 115, thereby realizing intra-switch load balancing and intra-switch depolarization.
In some embodiments, the hash value modifier 220 includes a hash bit replacer 228. The hash bit replacer 228 is typically included in scenarios where the modified hash value 222 is required, based on an identity or type of client 130, to be relatively short in length so that stringent load balancing requirements are met. In these scenarios, the hash bit replacer 228 replaces the hash value 115 with a randomly or pseudo-randomly generated number, an incremental index, a number selected in a round-robin manner, or a number that is based on some other information. For example, the hash bit replacer 228 replaces the hash value 115 with a number selected in a round-robin manner to generate a modified hash value 222 for providing packet-based load balancing. In another example, the hash bit replacer 228 replaces the hash value 115 with a randomly or pseudo-randomly generated number to generate a modified hash value 222 for providing a uniform distribution. In yet another example, the hash bit replacer 228 replaces the hash value 115 with an indication of a link that is transporting a least amount of data traffic to generate a modified hash value 222 for providing a near-perfect distribution of bytes. It is noted that by using the hash bit replacer 228 to modify the hash value 115, in some embodiments, data units or packets arrive at their destination out of order, so a trade-off between stringent load balancing and maintenance of packet order occurs.
In some embodiments, the hash value modifier 220 includes a sizer 230. To generate an index in a desired range or of a desired size, the sizer 230 is configured to modify the hash value 115 by adjusting its length to form a modified hash value 222 for use by the client 130. In an embodiment, the sizer 230 adjusts the size or length of the hash value 115 based on a size of the hash value 222 required by the client 130. For example, if the client 130 is the egress interface table 160 of FIG. 4, the sizer 115 adjusts the length of the hash value 115 based on a total number of communication links included in the link aggregate group corresponding to the network device (e.g., ND1) to form the modified hash value 222. Consider an example where the hash value 115 has a length of n bits and the client 130 requires a modified hash value between Z to y (inclusive, where Z is normally, but not necessarily, zero), where the range of modified hash values corresponds to a range corresponding to a total number of communication links. In this example, the sizer 230 maps each of the possible 2n values of the hash value 115 to modified hash values between Z and y, inclusive. For example, the sizer 230 may map values of the hash value 115 according to the function
f(x)=x modulo(y+1)  (7)
or according to the function
g(x)=x*(y+1)n +Z.  (8)
In other situations, other suitable functions may be used by the sizer 230.
A traffic imbalance may occur when the ranges of modified hash values and the number of links are different. To address possible traffic imbalances, the hash function 128 of the hash value generator 16 is configured to generate a hash value 115 to affect a more uniform distribution and to correct possible imbalances between ranges of modified hash values and numbers of links, in an embodiment. For example, the hash function 128 is configured to generate a hash value 115 that has a length long enough to provide a desired level of data unit traffic distribution across the number of links. The sizer 230 may then be used to reduce the overall length of the hash value 115 to a length required by the client 130 (e.g., the sizer generates a modified hash value 222 that is shorter than the hash value 115.)
In the embodiment of FIG. 5, the hash value modifier 220 includes a hash bit selector 225, whose output is operated on by a hash bit replacer 228, whose output is then, in turn, operated on by the sizer 230, resulting in the modified hash value 222 that is provided to the client 130. However, in other embodiments of the hash value modifier 220, one or more of the entities 225, 228, 230 are omitted. Additionally or alternatively, in some embodiments, the order of operation of entities 225, 228, and/or 230 on the hash value 115 is different than the embodiment illustrated in FIG. 5. For example, the modified hash value 222 is generated by modifying the hash value 115 only by using the hash bit replacer 228, in an embodiment; in another embodiment, the modified hash value 222 is generated by modifying the hash value 115 with both the hash bit selector 225 and the sizer 230; and in yet another embodiment, the initial key 105 is modified only by the hash bit selector 225 or only by the sizer 230.
FIG. 6 is a flow diagram of an example method 250 for avoiding polarization in a communication network 10, according to an embodiment. The method 250 is implemented by the hash value generator 16 alone (see FIG. 2), or by the hash value generator 16 in cooperation with other components of the corresponding network device ND1-ND6 (see FIG. 1), in some embodiments. The method 250 operates in conjunction with the hash value modifier 220 of FIG. 5, in an embodiment.
At block 252, a data unit such as the data packet 40 is received at a certain port PR of the network device implementing the method 250 (e.g., the network device ND1). Next, at block 255, an initial key is determined based on information included in the received packet or data unit. The initial key includes, in an embodiment, an indication of a source and of a destination of the data unit or packet.
At block 258, a modified key is generated from the initial key, in an embodiment. In an embodiment, the modified key is a depolarized initial key, where the depolarized initial key is configured so that polarization of network traffic within the network 10 when the depolarized initial key is utilized is less than inter-switch polarization when the initial key is utilized. Generating the depolarized initial key based on the initial key (block 258) includes applying a bijective or an essentially bijective function to the initial key, in some embodiments. The bijective or essentially bijective function is, for example, an addition or additive function, a remapping function, an exclusive-or (XOR) function, or any suitable bijective function, in various embodiments. In an embodiment, applying the bijective or essentially bijective function to the initial key includes adding bytes of a salt or seed to respective bytes of the initial key, in a byte-by-byte manner. The salt or seed is a randomly or pseudo-randomly generated sequence of bits, in an embodiment, and in some embodiments, a length of the randomly or pseudo-randomly generated sequence of bits is equivalent to a length of the initial key.
In an embodiment, each network device ND1-ND6 included in the communications network 10 includes a different salt or seed that is unique within the communication network 10. As such, a different depolarized initial key is generated (block 258) at each different network device included in the communication network 10. For example, for a same packet, a first depolarized initial key is generated at a first network device ND1, and a different, second depolarized initial key is generated at a second network device ND2.
At block 260, a hash value corresponding to the data unit or packet is determined based on the depolarized initial key, in an embodiment. For example, a hash function such as the hash function 128 operates on the depolarized initial key to produce a hash value. In an embodiment, each network device ND1-ND6 of the communication network 10 includes the same, common hash function.
At an optional block 262, the hash value determined at the block 260 (e.g., the original hash value) is further modified to avoid or decrease intra-switch polarization or polarization within the network device, in an embodiment. For example, the original hash value is modified to generate a modified hash value by selecting a subset of bits of the hash value. The subset of selected bits is determined based on a type or identity of a client of the hash value, in an embodiment. For instance, an egress table client requires only eight bytes of a 70 byte long modified key, so eight bits of the hash value are selected to form a modified hash value. In an embodiment, mutually exclusive subsets of bits or bytes are mapped to respective clients or respective types of clients of the hash value. In an embodiment, block 262 is omitted.
At block 265, a communication link via which the data unit or packet is to be egressed or transmitted from the network device is determined. In an embodiment, the communication link is determined based on a hash value determined at the block 260 (or based on a modified hash value determined at the block 262, if optional block 262 is included). In an embodiment, a client of the (modified) hash value performs one or more functions, based on the (modified) hash value, that are executed within the network device to forward the data unit or packet. For example, if the client is an egress interface table such as the egress interface table 160, the egress interface table 160 utilizes the (modified) hash value as an index to determine a particular virtual port, physical port or communication link via which the packet is to be transmitted. The particular communication link or port is or corresponds to one of a plurality of communication links that are included in a link aggregate group corresponding to the network device, in an embodiment.
At block 268, the packet is caused to be transmitted from the network device. In an embodiment, a data unit such as the data packet 40 is transmitted via a certain port PT of the network device implementing the method 250 (e.g., the network device ND1), for example, over the particular communication link determined at block 265.
FIG. 7 is a flow diagram of an example method 300 for load balancing traffic in a communication network 10, according to an embodiment. The method 300 is implemented by the hash value generator 16 alone (see FIG. 2), or by the hash value generator 16 in cooperation with other components of the corresponding network device ND1-ND6 (see FIG. 1), in some embodiments. The method 300 operates in conjunction with the hash value modifier 220 of FIG. 5 and/or in conjunction with the method 250 of FIG. 6, in an embodiment.
At block 302, a data unit such as the data packet 40 is received at a certain port PR of the network device implementing the method 300 (e.g., the network device ND1). Next, at block 305, an initial key is determined based on information included in the received packet or data unit. The initial key includes, in an embodiment, an indication of a source and of a destination of the data unit or packet.
At block 308, a modified key is generated from the initial key, in an embodiment. In an embodiment, the modified key is a load balancing key, where the load balancing key is configured so that traffic within the network 10 is more load balanced when the load balancing key is utilized as compared to when the initial key is utilized. Generating the load balancing key 308 includes, in an embodiment, generating a symmetric key based on two fields of the initial key. In an embodiment, the two fields of the initial key correspond to an indication of the source of the packet and an indication of the destination of the packet. For example, the two fields of the initial key may correspond to an IP source address and an IP destination address, a MAC source address and a MAC destination address, a virtual source port identifier and a virtual destination port identifier, a physical source port identifier and a physical destination port identifier, etc.
A commutative function is applied to one of the two fields, and the result of the commutative function is populated into the respective field of the symmetric key, in an embodiment. The other field of the symmetric key is populated with a constant (e.g., zero or some other suitable constant) or with a derivative of the result of the commutative function (e.g., a derivative of the content of the first field of the symmetric key), in an embodiment. The commutative function is any suitable commutative function, such as an addition function, a multiplication function, or the like.
Based on the load balancing key, a common hash value is determined at block 310 irrespective of the ordering of the two field of the initial key, in an embodiment. That is, a common hash value is determined irrespective of the direction in which a packet is traveling. In some cases, a hash function such as the hash function 128 operates on the load balancing key to produce the common hash value. In an embodiment, each network device ND1-ND6 of the communication network 10 includes the same, common hash function.
At an optional block 312, the hash value determined at the block 310 (e.g., the original, common hash value) is further modified to generate a modified hash value that, in turn, effects intra-switch load balancing or load balancing within the network device itself. In an embodiment, the original hash value is re-sized to a different length based on the requirements of a client of the hash value. For example, if the client is the egress interface table 160 of FIG. 4, the length of the original hash value is adjusted based on a total number of communication links included in the link aggregate group corresponding to the network device (e.g., ND1) to form a modified hash value that is sized. In an embodiment, if the original hash value generated at the block 310 has a length of n bits, and the client requires a load balancing hash value between Z to y, each of the possible 2n values of the original hash value is mapped to a load balancing hash value between Z and y. For example, an original hash value x generated at the block 310 is transformed into a sized, modified hash value at the block 312 according to the function
f(x)=x modulo(y+1),  (9)
according to the function
g(x)=x*(y+1)n +Z.  (10)
or according to another suitable function. Typically, but not necessarily, the length of the sized, modified hash value generated at the block 312 is less than a length of the original hash value generated at the block 310. In some embodiments, block 312 is omitted.
At block 315, a communication link over which the data unit or packet is to be transmitted from the network device is determined. In an embodiment, the communication link is determined based on the original hash value determined at the block 310 (or based on the modified hash value determined at the block 312, if optional block 312 is included). In an embodiment, a client of the (modified) hash value performs one or more functions, based on the (modified) hash value, that are executed within the network device to forward or analyze the data unit or packet. For example, if the client is an egress interface table such as the egress interface table 160, the egress interface table 160 utilizes the (modified) hash value as an index to determine a particular communication link or port (e.g., virtual or physical port) via which the packet is to be transmitted. The particular communication link may be one of a plurality of communication links that are included in a link aggregate group corresponding to the network device, in an embodiment.
At block 318, the data unit or packet is caused to be egressed or transmitted from the network device. In an embodiment, a data unit such as the data packet 40 is transmitted via a certain port PT of the network device implementing the method 300 (e.g., the network device ND1). For example, the packet is transmitted from a network interface of the network device over the particular communication link determined at the block 315.
Techniques described herein are utilized in a network device that utilizes virtual port techniques, in an embodiment. An example of a network device utilizing virtual port techniques is disclosed in U.S. patent application Ser. No. 12/030,822, entitled “Logical Bridging System and Method,” filed on Feb. 13, 2008, now U.S. Pat. No. 7,796,594, the entire disclosure of which is hereby expressly incorporated by reference herein. Another example of a network device utilizing virtual port techniques is disclosed in U.S. patent application Ser. No. 12/938,116, entitled “Switching Apparatus and Method Based on Virtual Interfaces,” and filed on Nov. 2, 2010, the entire disclosure of which is hereby expressly incorporated by reference herein. With virtual port techniques, a network device typically utilizes a different number of virtual ports than a number of physical ports, and the network device is configured to perform a mapping between virtual ports and physical ports. For example, in one example network device utilizing virtual port techniques, indications of the physical ports via which packets ingress the network device are mapped to virtual ports. A packet processor is configured to process packets with respect to virtual ports. For example, the packet processor determines one or more virtual ports to which a packet is to be forwarded. The determined one or more virtual ports are mapped to one or more physical ports, and the packet is transmitted via the determined one or more physical ports.
FIG. 8 is a block diagram of an example network device 350 that utilizes virtual ports and that implements at least some of the load balancing techniques described herein, according to an embodiment. The network device 350 is included in the communication network 10 of FIG. 1, in an embodiment. For example, one or more of network devices ND1-ND6 of FIG. 1 includes the network device 350 of FIG. 8, in an embodiment.
The network device 350 includes a mapper 352 configured to map physical ports to virtual ports, and vice versa. For example, the mapper 352 maps a physical port via which a data unit 102 is received to a virtual port.
A packet processor 354 processes packets with respect to virtual ports. For example, the packet processor 354 may determine one or more virtual ports to which a packet is to be forwarded. The packet processor 354 includes a hash value generator 355. In an embodiment, the hash value generator 355 is an embodiment of the hash value generator 16 of FIG. 2. The hash value generator 355 operates on the data unit 102, and generates a hash value 358, in an embodiment. For example, the hash value 358 is an embodiment of the hash value 115 of FIG. 2. In an embodiment and in some scenarios, the hash value 115 is generated based on an indication of a virtual source port corresponding to a physical port via which the data unit 102 was received.
The generated hash value 358 is utilized with respect to lookups in an egress table 360, in an embodiment. For example, the egress table 360 is an embodiment of the client 130 of FIG. 2 or the egress table 160 of FIG. 4. The egress table 360 includes entries storing indications of virtual destination ports, in an embodiment, and the hash value 358 is used to determine a particular entry of the egress table 360 to identify a particular virtual port 362 to which the data unit 102 is to be forwarded. For example, the hash value 358 is used to determine an index into the egress table 360 to determine the particular virtual port, in a manner similar to that as previously discussed with respect to FIG. 4.
An indication of the particular virtual destination port 362 determined based on the egress table 360 is provided to the mapper 352, in an embodiment. The mapper 352 maps the virtual destination port 362 to a corresponding physical destination port, in an embodiment. The network device 350 causes the data unit or packet to be transmitted from the network device 350 via the corresponding physical destination port, in an embodiment. As such, a load of traffic across a set of virtual and/or physical destination ports is more uniformly balanced in the network device 350, in an embodiment.
FIG. 9 is a flow diagram of an example method 400 for load balancing traffic in a network device, according to an embodiment. In an embodiment, the method 400 is implemented by the network device 350 of FIG. 8. The method 400 operates in conjunction with the hash value generator 16 of FIG. 2, the hash value modifier 220 of FIG. 5, the method 250 of FIG. 6, and/or the method 300 of FIG. 7, in some embodiments.
At block 402, a data unit such as the data packet 40 is received at a certain port PR of the network device having virtual ports (e.g., the network device 350 or another suitable network device). For example, the certain port PR is a physical port, and the physical port is then mapped to a corresponding virtual port, according to an embodiment. Next, at block 405, an initial key is determined based on information included in the packet or data unit. In some embodiments and/or scenarios, the initial key is determined based on an indication of a virtual source port corresponding to the certain physical port PR via which the data unit was received.
At block 408, a modified key is generated from the initial key. In an embodiment, the modified key is generated such that the modified key is depolarized (such as previously described with respect to FIG. 6), and/or such that the modified key is symmetric (such as previously described with respect to FIG. 7).
At block 410, a hash value is determined based on the modified key. For example, the hash value is generated based on applying a hash function such as the hash function 128 to the modified key, in an embodiment. In an embodiment, each network device ND1-ND6 of the communication network 10 applies the same, common hash function.
At block 412, the hash value determined at the block 410 is further modified to generate a modified hash value that, in turn, affects intra-switch load balancing or load balancing within the network device itself. In an embodiment, the original hash value is re-sized to a different length based on requirements of a client of the hash value. For example, the hash value is re-sized based on the egress table 360. In some embodiments, block 412 is omitted.
At block 415, a virtual destination port corresponding to the data unit or packet is determined. In an embodiment, the virtual destination port is determined based on the original hash value determined at the block 410 (or based on the modified hash value determined at the block 412, if block 412 is included). In an embodiment, a client of the (modified) hash value performs one or more functions, based on the (modified) hash value. In an embodiment, the one or more functions performed by the client are functions executed within the network device to forward or analyze the data unit or packet. In an embodiment, the client performs a look up in an egress interface table such as the egress interface table 360. For example, the (modified) hash value is utilized as an index to determine a particular entry of the table 360 whose contents indicate the virtual destination port.
At block 418, a particular physical destination port corresponding to the particular virtual destination port is determined. For example, the particular physical destination port may be determined from a mapping between physical ports and virtual ports of the network device.
At block 420, the data unit or packet is caused to be egressed or transmitted from the network device via the particular physical destination port determined at block 420. In an embodiment, a data unit such as the data packet 40 is transmitted via a certain port PT of the network device implementing the method 400 (e.g., the network device 350 or some other suitable network device).
At least some of the various blocks, operations, and techniques described above may be implemented utilizing hardware, a processor executing firmware instructions, a processor executing software instructions, or any combination thereof. When implemented utilizing a processor executing software or firmware instructions, the software or firmware instructions may be stored in any computer readable memory such as on a magnetic disk, an optical disk, or other storage medium, in a RAM or ROM or flash memory, processor, hard disk drive, optical disk drive, tape drive, etc. The software or firmware instructions may include machine readable instructions that, when executed by the processor, cause the processor to perform various acts.
When implemented in hardware, the hardware may comprise one or more of discrete components, an integrated circuit, an application-specific integrated circuit (ASIC), a programmable logic device (PLD), etc.
Although the forgoing text sets forth a detailed description of numerous different embodiments, it should be understood that the scope of the patent is defined by the words of the claims set forth at the end of this patent. The detailed description is to be construed merely as providing illustrative examples and does not describe every possible embodiment because describing every possible embodiment would be impractical, if not impossible. Numerous alternative embodiments could be implemented, using either current technology or technology developed after the filing date of this disclosure, which would still fall within the scope of the claims.

Claims (19)

What is claimed is:
1. A method for load balancing traffic in a communication network, comprising:
receiving a data unit at a network device included in the communication network, the network device associated with a link aggregate group included in the communication network;
determining an initial key based on information included in the data unit;
generating a symmetric key based on a first field of the initial key and a second field of the initial key;
applying a hash function to the symmetric key to generate an initial hash value;
load balancing traffic across the link aggregate group of the network device, including:
(i) determining, based on the first hash value, a sized hash value having a length different than a length of the initial hash value, and
(ii) determining, based on the sized hash value, a communication link in the link aggregate group; and
causing the data unit to be transmitted over the communication link.
2. The method of claim 1, wherein generating the symmetric key comprises generating a symmetric key that causes a common hash value to be generated for different sequences of the first field of the initial key and the second field of the initial key.
3. The method of claim 1, wherein generating the symmetric key based on the first field of the initial key and on the second field of the initial key comprises:
applying a commutative function to the first field of the initial key and to the second field of the initial key;
populating one of a first field of the symmetric key or a second field of the symmetric key with a result of the commutative function; and
populating the other one of the first field of the symmetric key or the second field of the symmetric key with one of: a constant, or a derivative of the result of the commutative function.
4. The method of claim 3, wherein applying the commutative function comprises applying an addition function.
5. The method of claim 1, wherein generating the symmetric key based on the first field of the initial key and on the second field of the initial key comprises one of:
generating the symmetric key based on an IP (Internet Protocol) address source field of the data unit and on an IP address destination field of the data unit;
generating the symmetric key based on a MAC (media access control) address source field of the data unit and on a MAC address destination field of the data unit;
generating the symmetric key based on a virtual port source field associated with the data unit and on a virtual port destination field associated with the data unit; or
generating the symmetric key based on a physical port source field associated with the data unit and on a physical port destination field associated with the data unit.
6. The method of claim 1, wherein determining the sized hash value based on the initial hash value comprises determining the sized hash value based on a mapping of a range of hash values across a total number of communication links included in the link aggregate group, the range of hash values including the initial hash value.
7. The method of claim 6, wherein the mapping the range of hash values across the total number of communication links corresponds to at least one of:

f(x)=x mod y, or

g(x)=x*(y+1)n +Z,
where:
x is a particular hash value,
y corresponds to the total number of communication links included in the link aggregate group,
n is a number of bits included in the particular hash value, and
Z is a lower bound of a range corresponding to the total number of communication links.
8. A network device for load balancing traffic in a communication network, the network device comprising:
a network interface configured to receive a data unit;
a hash value generator configured to generate a sized hash value based on the data unit, the hash value generator including:
(i) a symmetric key generator configured to generate a symmetric key based on a source field of an initial key and on a destination field of the initial key, the initial key based on at least a portion of data included in the data unit,
(ii) a hash function to generate an initial hash value based on the symmetric key, and
(iii) a sizer configured to adjust, based on a total number of communication links included in a link aggregate group, a length of the initial hash value to form the sized hash value, the adjustment to avoid polarization across communication links of the link aggregate group; and
a link selector configured to select, based on the sized hash value, a communication link included in the link aggregate group, the selected communication link to egress the data unit from the network device.
9. The network device of claim 8, wherein the symmetric key is configured to cause a common hash value to be generated by the hash function for different sequences of the source field of the initial key and the destination field of the initial key.
10. The network device of claim 8, wherein:
the symmetric key comprises a symmetric key source field and a symmetric key destination field,
one of the symmetric key source field or the symmetric key destination field corresponds to a result of a commutative function corresponding to the source field of the initial key and to the destination field of the initial key, and
the other one of the symmetric key source field or the symmetric key destination field corresponds to one of: a constant, or a derivative of the result of the commutative function.
11. The network device of claim 10, wherein the commutative function is an addition function.
12. The network device of claim 8, wherein the source field of the initial key and the destination field of the initial key comprise one of:
an IP (Internet Protocol) address source field corresponding to the data unit and an IP address destination field corresponding to the data unit;
a MAC (Machine Addressable Code) address source field corresponding to the data unit and a MAC address destination field corresponding to the data unit;
a virtual port source field corresponding to the data unit and a virtual port destination field corresponding to the data unit; or
a physical port source field corresponding to the data unit and a physical port destination field corresponding to the data unit.
13. The network device of claim 8, wherein the sizer is configured to adjust the length of the initial hash value based on at least one of:

f(x)=x mod y, or

g(x)=x*(y+1)n +Z,
wherein x is the initial hash value, y is the total number of communication links, and n is a number of bits included in the initial hash value, and Z is a lower bound of a range corresponding to the total number of communication links.
14. A network device for load balancing traffic in a communication network, comprising:
a network interface to receive a data unit;
a hash value generator to generate a hash value based on the data unit, the hash value generator including:
(i) a symmetric key generator configured to generate a symmetric key based on the data unit;
(ii) a hash function configured to generate the hash value based on the symmetric key, wherein the symmetric key is configured to cause a common hash value to be generated by the hash function for different sequences of: a first field corresponding to the data unit, and a second field corresponding to the data unit;
(iii) a sizer configured to adjust a length of the hash value based on a total number of communication links included in a link aggregate group, the link aggregate group including the selected communication link, wherein an adjusted length of the hash value is different than an original length of the hash value; and
a link selector to select, based on the hash value having the adjusted length, a communication link to egress the data unit from the network device.
15. The network device of claim 14, wherein:
the symmetric key comprises a symmetric key source field and a symmetric key destination field,
a value of one of the symmetric key source field or the symmetric key destination field is a result of a commutative function,
inputs to the commutative function include a value of the first field corresponding to the data unit and a value of the second field corresponding to the data unit, and
a value of the other one of the symmetric key source field or the symmetric key destination field is one of: a constant, or a derivative of the result of the commutative function.
16. The network device of claim 14, wherein the first field corresponding to the data unit and the second field corresponding to the data unit comprise one of:
an IP (Internet Protocol) address source field corresponding to the data unit and an IP address destination field corresponding to the data unit;
a MAC (Machine Addressable Code) address source field corresponding to the data unit and a MAC address destination field corresponding to the data unit;
a virtual port source field corresponding to the data unit and a virtual port destination field corresponding to the data unit; or
a physical port source field corresponding to the data unit and a physical port destination field corresponding to the data unit.
17. A method for load balancing traffic in a communication network, comprising:
receiving a data unit at a network device included in the communication network, the network device associated with a link aggregate group included in the communication network;
determining an initial key based on information included in the data unit;
generating a symmetric key based on a first field of the initial key and a second field of the initial key, including:
(i) applying a commutative function to the first field of the initial key and to the second field of the initial key,
(ii) populating one of a first field of the symmetric key or a second field of the symmetric key with a result of the commutative function, and
(iii) populating the other one of the first field of the symmetric key or the second field of the symmetric key with one of: a constant, or a derivative of the result of the commutative function;
applying a hash function to the symmetric key to generate a hash value;
determining, based on the hash value, a communication link in the link aggregate group;
and
causing the data unit to be transmitted over the communication link.
18. A network device for load balancing traffic in a communication network, the network device comprising:
a network interface configured to receive a data unit;
a hash value generator configured to generate a hash value based on the data unit, the hash value generator including:
(i) a symmetric key generator configured to generate a symmetric key based on a source field of an initial key and on a destination field of the initial key, wherein:
the initial key is based on at least a portion of data included in the data unit,
the symmetric key comprises a symmetric key source field and a symmetric key destination field,
one of the symmetric key source field or the symmetric key destination field corresponds to a result of a commutative function corresponding to the source field of the initial key and to the destination field of the initial key, and
the other one of the symmetric key source field or the symmetric key destination field corresponds to one of: a constant, or a derivative of the result of the commutative function; and
(ii) a hash function to generate the hash value based on the symmetric key; and
a link selector configured to select, based on the hash value, a communication link to egress the data unit from the network device.
19. A network device for load balancing traffic in a communication network, comprising:
a network interface to receive a data unit;
a hash value generator to generate a hash value based on the data unit, the hash value generator including:
(i) a symmetric key generator configured to generate a symmetric key based on the data unit, wherein:
the symmetric key comprises a symmetric key source field and a symmetric key destination field,
a value of one of the symmetric key source field or the symmetric key destination field is a result of a commutative function,
inputs to the commutative function include a value of a first field corresponding to the data unit and a value of a second field corresponding to the data unit, and
a value of the other one of the symmetric key source field or the symmetric key destination field is one of: a constant, or a derivative of the result of the commutative function; and
(ii) a hash function configured to generate the hash value based on the symmetric key, wherein the symmetric key is configured to cause a common hash value to be generated by the hash function for different sequences of the first field and the second field corresponding to the data unit; and
a link selector to select, based on the hash value, a communication link to egress the data unit from the network device.
US13/305,802 2010-11-30 2011-11-29 Load balancing hash computation for network switches Active 2031-12-28 US8614950B2 (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
US13/305,802 US8614950B2 (en) 2010-11-30 2011-11-29 Load balancing hash computation for network switches
US14/139,428 US9455966B2 (en) 2010-11-30 2013-12-23 Load balancing hash computation for network switches

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US41836210P 2010-11-30 2010-11-30
US13/305,802 US8614950B2 (en) 2010-11-30 2011-11-29 Load balancing hash computation for network switches

Related Child Applications (1)

Application Number Title Priority Date Filing Date
US14/139,428 Continuation US9455966B2 (en) 2010-11-30 2013-12-23 Load balancing hash computation for network switches

Publications (2)

Publication Number Publication Date
US20120134497A1 US20120134497A1 (en) 2012-05-31
US8614950B2 true US8614950B2 (en) 2013-12-24

Family

ID=46126600

Family Applications (6)

Application Number Title Priority Date Filing Date
US13/305,807 Active 2032-03-21 US8660005B2 (en) 2010-11-30 2011-11-29 Load balancing hash computation for network switches
US13/305,802 Active 2031-12-28 US8614950B2 (en) 2010-11-30 2011-11-29 Load balancing hash computation for network switches
US13/305,794 Active 2032-06-18 US8756424B2 (en) 2010-11-30 2011-11-29 Load balancing hash computation for network switches
US14/139,428 Active US9455966B2 (en) 2010-11-30 2013-12-23 Load balancing hash computation for network switches
US14/178,974 Active US9503435B2 (en) 2010-11-30 2014-02-12 Load balancing hash computation for network switches
US14/305,828 Active US9455967B2 (en) 2010-11-30 2014-06-16 Load balancing hash computation for network switches

Family Applications Before (1)

Application Number Title Priority Date Filing Date
US13/305,807 Active 2032-03-21 US8660005B2 (en) 2010-11-30 2011-11-29 Load balancing hash computation for network switches

Family Applications After (4)

Application Number Title Priority Date Filing Date
US13/305,794 Active 2032-06-18 US8756424B2 (en) 2010-11-30 2011-11-29 Load balancing hash computation for network switches
US14/139,428 Active US9455966B2 (en) 2010-11-30 2013-12-23 Load balancing hash computation for network switches
US14/178,974 Active US9503435B2 (en) 2010-11-30 2014-02-12 Load balancing hash computation for network switches
US14/305,828 Active US9455967B2 (en) 2010-11-30 2014-06-16 Load balancing hash computation for network switches

Country Status (2)

Country Link
US (6) US8660005B2 (en)
CN (1) CN102571558B (en)

Cited By (12)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20120230194A1 (en) * 2011-03-11 2012-09-13 Broadcom Corporation Hash-Based Load Balancing in Large Multi-Hop Networks with Randomized Seed Selection
US20120287946A1 (en) * 2011-05-13 2012-11-15 Broadcom Corporation Hash-Based Load Balancing with Flow Identifier Remapping
US20150312153A1 (en) * 2014-04-23 2015-10-29 Dell Products L.P. Systems and methods for load-balancing in a data center
US9237100B1 (en) 2008-08-06 2016-01-12 Marvell Israel (M.I.S.L.) Ltd. Hash computation for network switches
US9455967B2 (en) 2010-11-30 2016-09-27 Marvell Israel (M.I.S.L) Ltd. Load balancing hash computation for network switches
US9537771B2 (en) 2013-04-04 2017-01-03 Marvell Israel (M.I.S.L) Ltd. Exact match hash lookup databases in network switch devices
WO2018005550A1 (en) * 2016-06-28 2018-01-04 Paypal, Inc. Tapping network data to perform load balancing
US9876719B2 (en) 2015-03-06 2018-01-23 Marvell World Trade Ltd. Method and apparatus for load balancing in network switches
US9906592B1 (en) 2014-03-13 2018-02-27 Marvell Israel (M.I.S.L.) Ltd. Resilient hash computation for load balancing in network switches
US10243857B1 (en) 2016-09-09 2019-03-26 Marvell Israel (M.I.S.L) Ltd. Method and apparatus for multipath group updates
US10587516B1 (en) * 2014-07-15 2020-03-10 Marvell Israel (M.I.S.L) Ltd. Hash lookup table entry management in a network device
US10904150B1 (en) 2016-02-02 2021-01-26 Marvell Israel (M.I.S.L) Ltd. Distributed dynamic load balancing in network systems

Families Citing this family (138)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7916735B2 (en) 2008-12-02 2011-03-29 At&T Intellectual Property I, L.P. Method for applying macro-controls onto IP networks using intelligent route indexing
US9270486B2 (en) 2010-06-07 2016-02-23 Brocade Communications Systems, Inc. Name services for virtual cluster switching
US9769016B2 (en) 2010-06-07 2017-09-19 Brocade Communications Systems, Inc. Advanced link tracking for virtual cluster switching
US9716672B2 (en) 2010-05-28 2017-07-25 Brocade Communications Systems, Inc. Distributed configuration management for virtual cluster switching
US8867552B2 (en) 2010-05-03 2014-10-21 Brocade Communications Systems, Inc. Virtual cluster switching
US9608833B2 (en) 2010-06-08 2017-03-28 Brocade Communications Systems, Inc. Supporting multiple multicast trees in trill networks
US9806906B2 (en) 2010-06-08 2017-10-31 Brocade Communications Systems, Inc. Flooding packets on a per-virtual-network basis
US9628293B2 (en) 2010-06-08 2017-04-18 Brocade Communications Systems, Inc. Network layer multicasting in trill networks
US9807031B2 (en) 2010-07-16 2017-10-31 Brocade Communications Systems, Inc. System and method for network configuration
US8619782B2 (en) * 2010-12-14 2013-12-31 International Business Machines Corporation Bidirectional packet flow transformation
US8750146B2 (en) * 2010-12-15 2014-06-10 At&T Intellectual Property I, L.P. Method and apparatus for applying uniform hashing to wireless traffic
US8776207B2 (en) * 2011-02-16 2014-07-08 Fortinet, Inc. Load balancing in a network with session information
US8635352B2 (en) * 2011-02-22 2014-01-21 Qwilt, Inc. System and method for symmetric receive-side scaling (RSS)
US9246810B2 (en) * 2011-03-11 2016-01-26 Broadcom Corporation Hash-based load balancing with per-hop seeding
CN102118319B (en) * 2011-04-06 2013-09-18 杭州华三通信技术有限公司 Traffic load balancing method and device
US9031498B1 (en) 2011-04-26 2015-05-12 Sprint Communications Company L.P. Automotive multi-generation connectivity
US8484707B1 (en) * 2011-06-09 2013-07-09 Spring Communications Company L.P. Secure changing auto-generated keys for wireless access
US9439240B1 (en) 2011-08-26 2016-09-06 Sprint Communications Company L.P. Mobile communication system identity pairing
US9736085B2 (en) 2011-08-29 2017-08-15 Brocade Communications Systems, Inc. End-to end lossless Ethernet in Ethernet fabric
US8548532B1 (en) 2011-09-27 2013-10-01 Sprint Communications Company L.P. Head unit to handset interface and integration
US20130083660A1 (en) * 2011-10-03 2013-04-04 Cisco Technology, Inc. Per-Group ECMP for Multidestination Traffic in DCE/TRILL Networks
US9699117B2 (en) 2011-11-08 2017-07-04 Brocade Communications Systems, Inc. Integrated fibre channel support in an ethernet fabric switch
US9450870B2 (en) 2011-11-10 2016-09-20 Brocade Communications Systems, Inc. System and method for flow management in software-defined networks
US9171030B1 (en) 2012-01-09 2015-10-27 Marvell Israel (M.I.S.L.) Ltd. Exact match lookup in network switch devices
US8995272B2 (en) 2012-01-26 2015-03-31 Brocade Communication Systems, Inc. Link aggregation in software-defined networks
US9742693B2 (en) 2012-02-27 2017-08-22 Brocade Communications Systems, Inc. Dynamic service insertion in a fabric switch
US9154416B2 (en) 2012-03-22 2015-10-06 Brocade Communications Systems, Inc. Overlay tunnel in a fabric switch
US9398454B1 (en) 2012-04-24 2016-07-19 Sprint Communications Company L.P. In-car head unit wireless communication service subscription initialization
US8630747B2 (en) 2012-05-14 2014-01-14 Sprint Communications Company L.P. Alternative authorization for telematics
US9374301B2 (en) 2012-05-18 2016-06-21 Brocade Communications Systems, Inc. Network feedback in software-defined networks
US10277464B2 (en) 2012-05-22 2019-04-30 Arris Enterprises Llc Client auto-configuration in a multi-switch link aggregation
EP2853066B1 (en) 2012-05-23 2017-02-22 Brocade Communications Systems, Inc. Layer-3 overlay gateways
US8891364B2 (en) * 2012-06-15 2014-11-18 Citrix Systems, Inc. Systems and methods for distributing traffic across cluster nodes
US20130343181A1 (en) * 2012-06-21 2013-12-26 Jonathan Stroud Systems and methods of data processing using an fpga-implemented hash function
US20130343377A1 (en) * 2012-06-21 2013-12-26 Jonathan Stroud Hash-based packet distribution in a computer system
JP5954030B2 (en) * 2012-08-02 2016-07-20 富士通株式会社 Cryptographic processing apparatus and method
US9049137B1 (en) 2012-08-06 2015-06-02 Google Inc. Hash based ECMP load balancing with non-power-of-2 port group sizes
US9514091B2 (en) * 2012-08-12 2016-12-06 Avaya Inc. Link aggregation using digests
US9602430B2 (en) 2012-08-21 2017-03-21 Brocade Communications Systems, Inc. Global VLANs for fabric switches
US8990905B1 (en) * 2012-09-28 2015-03-24 Emc Corporation Protected resource access control utilizing intermediate values of a hash chain
JP5995279B2 (en) * 2012-10-24 2016-09-21 日本電気株式会社 Network device, method, and program
US9032547B1 (en) 2012-10-26 2015-05-12 Sprint Communication Company L.P. Provisioning vehicle based digital rights management for media delivered via phone
US9401872B2 (en) 2012-11-16 2016-07-26 Brocade Communications Systems, Inc. Virtual link aggregations across multiple fabric switches
WO2014082259A1 (en) * 2012-11-29 2014-06-05 华为技术有限公司 Method and device for implementing load balancing
US9438447B2 (en) 2012-12-18 2016-09-06 International Business Machines Corporation Flow distribution algorithm for aggregated links in an ethernet switch
US9350680B2 (en) 2013-01-11 2016-05-24 Brocade Communications Systems, Inc. Protection switching over a virtual link aggregation
US9413691B2 (en) 2013-01-11 2016-08-09 Brocade Communications Systems, Inc. MAC address synchronization in a fabric switch
US9548926B2 (en) * 2013-01-11 2017-01-17 Brocade Communications Systems, Inc. Multicast traffic load balancing over virtual link aggregation
US9565113B2 (en) * 2013-01-15 2017-02-07 Brocade Communications Systems, Inc. Adaptive link aggregation and virtual link aggregation
US9143331B2 (en) * 2013-02-07 2015-09-22 Qualcomm Incorporated Methods and devices for authentication and key exchange
US9173238B1 (en) 2013-02-15 2015-10-27 Sprint Communications Company L.P. Dual path in-vehicle communication
US9819637B2 (en) 2013-02-27 2017-11-14 Marvell World Trade Ltd. Efficient longest prefix matching techniques for network devices
US9565099B2 (en) 2013-03-01 2017-02-07 Brocade Communications Systems, Inc. Spanning tree in fabric switches
US9110774B1 (en) 2013-03-15 2015-08-18 Sprint Communications Company L.P. System and method of utilizing driving profiles via a mobile device
WO2014145750A1 (en) 2013-03-15 2014-09-18 Brocade Communications Systems, Inc. Scalable gateways for a fabric switch
US9565028B2 (en) 2013-06-10 2017-02-07 Brocade Communications Systems, Inc. Ingress switch multicast distribution in a fabric switch
US9699001B2 (en) 2013-06-10 2017-07-04 Brocade Communications Systems, Inc. Scalable and segregated network virtualization
US9094323B2 (en) * 2013-06-26 2015-07-28 Cisco Technology, Inc. Probe packet discovery of entropy values causing specific paths to be taken through a network
US8578008B1 (en) 2013-07-16 2013-11-05 tw telecom holdings inc. Adjusting network service level on a scheduled basis
US8589524B1 (en) 2013-07-16 2013-11-19 tw telecom holdings inc. Adjusting network service level based on usage
US9838291B2 (en) * 2013-08-02 2017-12-05 Cellos Software Ltd Multicore processing of bidirectional traffic flows
US8611355B1 (en) 2013-09-03 2013-12-17 tw telecom holdings inc. Buffer-less virtual routing
US9806949B2 (en) 2013-09-06 2017-10-31 Brocade Communications Systems, Inc. Transparent interconnection of Ethernet fabric switches
US20150078375A1 (en) * 2013-09-13 2015-03-19 Broadcom Corporation Mutable Hash for Network Hash Polarization
US10489132B1 (en) 2013-09-23 2019-11-26 Sprint Communications Company L.P. Authenticating mobile device for on board diagnostic system access
US8699328B1 (en) 2013-09-24 2014-04-15 tw telecom holdings, inc. Determining feasibility of a network service using a ring analysis
US9197709B2 (en) 2013-09-27 2015-11-24 Level 3 Communications, Llc Provisioning dedicated network resources with API services
US8724626B1 (en) 2013-10-07 2014-05-13 tw telecom holdings inc. Redirecting network traffic based on content
US9912612B2 (en) 2013-10-28 2018-03-06 Brocade Communications Systems LLC Extended ethernet fabric switches
US9548873B2 (en) 2014-02-10 2017-01-17 Brocade Communications Systems, Inc. Virtual extensible LAN tunnel keepalives
US9571400B1 (en) * 2014-02-25 2017-02-14 Google Inc. Weighted load balancing in a multistage network using hierarchical ECMP
US10581758B2 (en) 2014-03-19 2020-03-03 Avago Technologies International Sales Pte. Limited Distributed hot standby links for vLAG
US10476698B2 (en) 2014-03-20 2019-11-12 Avago Technologies International Sales Pte. Limited Redundent virtual link aggregation group
US10063473B2 (en) 2014-04-30 2018-08-28 Brocade Communications Systems LLC Method and system for facilitating switch virtualization in a network of interconnected switches
US9800471B2 (en) 2014-05-13 2017-10-24 Brocade Communications Systems, Inc. Network extension groups of global VLANs in a fabric switch
US9252951B1 (en) 2014-06-13 2016-02-02 Sprint Communications Company L.P. Vehicle key function control from a mobile phone based on radio frequency link from phone to vehicle
US10616108B2 (en) 2014-07-29 2020-04-07 Avago Technologies International Sales Pte. Limited Scalable MAC address virtualization
US9544219B2 (en) 2014-07-31 2017-01-10 Brocade Communications Systems, Inc. Global VLAN services
US9807007B2 (en) 2014-08-11 2017-10-31 Brocade Communications Systems, Inc. Progressive MAC address learning
US9524173B2 (en) 2014-10-09 2016-12-20 Brocade Communications Systems, Inc. Fast reboot for a switch
US9699029B2 (en) 2014-10-10 2017-07-04 Brocade Communications Systems, Inc. Distributed configuration management in a switch group
US9591482B1 (en) 2014-10-31 2017-03-07 Sprint Communications Company L.P. Method for authenticating driver for registration of in-vehicle telematics unit
CN105763472B (en) * 2014-12-18 2020-08-11 中兴通讯股份有限公司 Cross-board forwarding method and device
US9626255B2 (en) 2014-12-31 2017-04-18 Brocade Communications Systems, Inc. Online restoration of a switch snapshot
US9628407B2 (en) 2014-12-31 2017-04-18 Brocade Communications Systems, Inc. Multiple software versions in a switch group
US9942097B2 (en) 2015-01-05 2018-04-10 Brocade Communications Systems LLC Power management in a network of interconnected switches
US10003552B2 (en) 2015-01-05 2018-06-19 Brocade Communications Systems, Llc. Distributed bidirectional forwarding detection protocol (D-BFD) for cluster of interconnected switches
US9590897B1 (en) * 2015-02-26 2017-03-07 Qlogic Corporation Methods and systems for network devices and associated network transmissions
US9807005B2 (en) 2015-03-17 2017-10-31 Brocade Communications Systems, Inc. Multi-fabric manager
US10038592B2 (en) 2015-03-17 2018-07-31 Brocade Communications Systems LLC Identifier assignment to a new switch in a switch group
US10579406B2 (en) 2015-04-08 2020-03-03 Avago Technologies International Sales Pte. Limited Dynamic orchestration of overlay tunnels
US10476797B2 (en) * 2015-04-13 2019-11-12 Dell Products L.P. Systems and methods to route over a link aggregation group to a true next hop
US9649999B1 (en) 2015-04-28 2017-05-16 Sprint Communications Company L.P. Vehicle remote operations control
US9444892B1 (en) 2015-05-05 2016-09-13 Sprint Communications Company L.P. Network event management support for vehicle wireless communication
US10439929B2 (en) 2015-07-31 2019-10-08 Avago Technologies International Sales Pte. Limited Graceful recovery of a multicast-enabled switch
US9604651B1 (en) 2015-08-05 2017-03-28 Sprint Communications Company L.P. Vehicle telematics unit communication authorization and authentication and communication service provisioning
US10171303B2 (en) 2015-09-16 2019-01-01 Avago Technologies International Sales Pte. Limited IP-based interconnection of switches with a logical chassis
CN106559324A (en) * 2015-09-24 2017-04-05 华为技术有限公司 A kind of method E-Packeted based on equal cost multipath and the network equipment
US10979334B1 (en) * 2015-10-02 2021-04-13 MyDigitalShield, Inc. Systems and methods for monitoring network traffic
US10164885B2 (en) * 2015-12-02 2018-12-25 Nicira, Inc. Load balancing over multiple tunnel endpoints
US10719341B2 (en) 2015-12-02 2020-07-21 Nicira, Inc. Learning of tunnel endpoint selections
US10069646B2 (en) 2015-12-02 2018-09-04 Nicira, Inc. Distribution of tunnel endpoint mapping information
US9912616B2 (en) 2015-12-02 2018-03-06 Nicira, Inc. Grouping tunnel endpoints of a bridge cluster
US9912614B2 (en) 2015-12-07 2018-03-06 Brocade Communications Systems LLC Interconnection of switches based on hierarchical overlay tunneling
US10164836B2 (en) * 2015-12-22 2018-12-25 Amazon Technologies, Inc. Shifting network traffic from a network device
US10178027B2 (en) * 2016-01-27 2019-01-08 Oracle International Corporation System and method for supporting inter subnet partitions in a high performance computing environment
CN107852378B (en) * 2016-01-27 2020-12-08 甲骨文国际公司 System and method for supporting scalable bitmap-based P _ Key tables in a high performance computing environment
US20170295099A1 (en) * 2016-04-11 2017-10-12 Arista Networks, Inc. System and method of load balancing across a multi-link group
US10103992B1 (en) * 2016-06-27 2018-10-16 Amazon Technologies, Inc. Network traffic load balancing using rotating hash
US10237090B2 (en) 2016-10-28 2019-03-19 Avago Technologies International Sales Pte. Limited Rule-based network identifier mapping
US10511531B1 (en) 2016-11-22 2019-12-17 Innovium, Inc. Enhanced lens distribution
US10355994B1 (en) 2016-11-22 2019-07-16 Innovium, Inc. Lens distribution
US10795873B1 (en) 2016-11-22 2020-10-06 Innovium, Inc. Hash output manipulation
US10601711B1 (en) * 2016-11-22 2020-03-24 Innovium, Inc. Lens table
US10616111B1 (en) * 2017-01-18 2020-04-07 Arista Networks, Inc. Consistent hashing for packets across multi-stage lookups
US10721338B2 (en) * 2017-07-31 2020-07-21 Nicira, Inc. Application based egress interface selection
US9853900B1 (en) * 2017-08-07 2017-12-26 Mellanox Technologies Tlv Ltd. Using consistent hashing for ECMP routing
CN107682268A (en) * 2017-10-18 2018-02-09 盛科网络(苏州)有限公司 The method and chip realization device that Hash polarizes are avoided in data center network
CN108111530B (en) * 2017-12-30 2020-11-13 世纪网通成都科技有限公司 Computer readable storage medium for detecting VOIP call state and detection system using the same
US11005925B2 (en) 2018-02-28 2021-05-11 International Business Machines Corporation Load balancing with power of random choices
CN108667730B (en) * 2018-04-17 2021-02-12 东软集团股份有限公司 Message forwarding method, device, storage medium and equipment based on load balancing
US11374865B2 (en) * 2018-07-02 2022-06-28 Marvell Israel (M.I.S.L) Ltd. Group specific load balancing in network devices
US11018978B1 (en) 2018-09-04 2021-05-25 Marvell Israel (M.I.S.L) Ltd. Configurable hash-based lookup in network devices
CN109450819B (en) * 2018-10-25 2021-08-17 锐捷网络股份有限公司 Method and system for forwarding broadcast message
US11070363B1 (en) 2018-12-21 2021-07-20 Mcafee, Llc Sharing cryptographic session keys among a cluster of network security platforms monitoring network traffic flows
US10841225B2 (en) * 2019-03-06 2020-11-17 Arista Networks, Inc. Load balancing using dynamically resizable consistent hashing
CN110636015A (en) * 2019-10-12 2019-12-31 迈普通信技术股份有限公司 Communication system and board card configuration method
US11418214B1 (en) 2020-03-20 2022-08-16 Cisco Technology, Inc. Effective seeding of CRC functions for flows' path polarization prevention in networks
US11755373B2 (en) 2020-10-07 2023-09-12 Oracle International Corporation Computation and storage of object identity hash values
US11818045B2 (en) 2021-04-05 2023-11-14 Bank Of America Corporation System for performing dynamic monitoring and prioritization of data packets
US11743156B2 (en) * 2021-04-05 2023-08-29 Bank Of America Corporation System for performing dynamic monitoring and filtration of data packets
US11575572B2 (en) * 2021-04-13 2023-02-07 Juniper Networks, Inc. Network controller horizontal scaling for network device configuration sessions management
WO2023058829A1 (en) * 2021-10-06 2023-04-13 고려대학교 산학협력단 In-network management device, network switch, and in-network data aggregation system and method
US11979314B2 (en) 2021-12-09 2024-05-07 Marvell Israel (M.I.S.L) Ltd. Hierarchical path selection in a communication network
US11743191B1 (en) 2022-07-25 2023-08-29 Vmware, Inc. Load balancing over tunnel endpoint groups
CN117675712A (en) * 2022-08-24 2024-03-08 瑞昱半导体股份有限公司 Network control method and network card
CN115883469B (en) * 2023-01-04 2023-06-02 苏州浪潮智能科技有限公司 Data stream load balancing method and device and data center
US12120017B1 (en) * 2023-04-12 2024-10-15 Arista Networks, Inc. Equal cost multipath forwarding using ingress port

Citations (18)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6249521B1 (en) * 1997-02-14 2001-06-19 Advanced Micro Devices, Inc. Method and apparatus for creating a port vector
US20020093952A1 (en) 2000-06-30 2002-07-18 Gonda Rumi Sheryar Method for managing circuits in a multistage cross connect
US6614758B2 (en) * 1998-02-13 2003-09-02 Broadcom Corp Load balancing in link aggregation and trunking
US20030210688A1 (en) 2002-05-13 2003-11-13 International Business Machines Corporation Logically grouping physical ports into logical interfaces to expand bandwidth
US20040073640A1 (en) * 2002-09-23 2004-04-15 Cricket Technologies Llc Network load management apparatus, system, method, and electronically stored computer product
US6973082B2 (en) * 2002-02-01 2005-12-06 Fujitsu Limited Forwarding packets to aggregated links using distributed ingress card processing
US7190696B1 (en) * 2002-03-05 2007-03-13 Force10 Networks, Inc. System and method for distributing packets among a plurality of paths to a destination
US20080031263A1 (en) * 2006-08-07 2008-02-07 Cisco Technology, Inc. Method and apparatus for load balancing over virtual network links
US20080181103A1 (en) 2007-01-29 2008-07-31 Fulcrum Microsystems Inc. Traffic distribution techniques
US7554914B1 (en) * 2002-07-10 2009-06-30 Cisco Technology, Inc. System and method for adaptively balancing network traffic over router output ports
US7623455B2 (en) * 2005-04-02 2009-11-24 Cisco Technology, Inc. Method and apparatus for dynamic load balancing over a network link bundle
US7639614B2 (en) * 2005-04-12 2009-12-29 Fujitsu Limited Distribution-tuning mechanism for link aggregation group management
US7796594B2 (en) 2007-02-14 2010-09-14 Marvell Semiconductor, Inc. Logical bridging system and method
US7898959B1 (en) 2007-06-28 2011-03-01 Marvell Israel (Misl) Ltd. Method for weighted load-balancing among network interfaces
US20110102612A1 (en) 2008-04-25 2011-05-05 Naoto Iwata Vibration correction control circuit for correcting displacement of an optical axis due to vibration including camera shake and image pickup apparatus equipped therewith
US20110134925A1 (en) 2009-11-02 2011-06-09 Uri Safrai Switching Apparatus and Method Based on Virtual Interfaces
US8339951B2 (en) * 2010-07-28 2012-12-25 Hewlett-Packard Development Company, L.P. Method for configuration of a load balancing algorithm in a network device
US8355328B2 (en) * 2009-08-27 2013-01-15 Broadcom Corporation Dynamic load balancing

Family Cites Families (44)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5032987A (en) 1988-08-04 1991-07-16 Digital Equipment Corporation System with a plurality of hash tables each using different adaptive hashing functions
US6035107A (en) * 1997-08-28 2000-03-07 International Bunsiness Machines Corporation Method for performing functional comparison of combinational circuits
US6363396B1 (en) * 1998-12-21 2002-03-26 Oracle Corporation Object hashing with incremental changes
US6430170B1 (en) * 1999-05-27 2002-08-06 Qualcomm Inc. Method and apparatus for generating random numbers from a communication signal
US6735670B1 (en) 2000-05-12 2004-05-11 3Com Corporation Forwarding table incorporating hash table and content addressable memory
US6757742B1 (en) 2000-05-25 2004-06-29 Advanced Micro Devices, Inc. Computer-based system for validating hash-based table lookup schemes in a network switch
US7088713B2 (en) 2000-06-19 2006-08-08 Broadcom Corporation Switch fabric with memory management unit for improved flow control
US6909713B2 (en) 2001-09-05 2005-06-21 Intel Corporation Hash-based data frame distribution for web switches
US7327748B2 (en) * 2002-01-28 2008-02-05 Alcatel Lucent Enterprise switching device and method
US7224845B1 (en) 2002-02-28 2007-05-29 Bae Systems Information And Electric Systems Integration Inc. Bijection mapping for compression/denoising of multi-frame images
US7295511B2 (en) 2002-06-13 2007-11-13 Utstarcom, Inc. System and method for packet data serving node load balancing and fault tolerance
US7206861B1 (en) 2002-07-29 2007-04-17 Juniper Networks, Inc. Network traffic distribution across parallel paths
CN1319325C (en) * 2003-04-16 2007-05-30 华为技术有限公司 Method of finding route table item using ltsh chain table
US7346706B2 (en) * 2003-05-02 2008-03-18 Alcatel Equivalent multiple path traffic distribution in communications networks
US7359383B2 (en) * 2004-03-29 2008-04-15 Hewlett-Packard Development Company, L.P. Load balancing with mesh tagging
US7304996B1 (en) 2004-03-30 2007-12-04 Extreme Networks, Inc. System and method for assembling a data packet
US7613209B1 (en) * 2004-03-30 2009-11-03 Extreme Networks, Inc. System and method for egress packet marking
US7539750B1 (en) * 2004-03-30 2009-05-26 Extreme Networks, Inc. System and method for packet processor status monitoring
US7567567B2 (en) 2005-04-05 2009-07-28 Sun Microsystems, Inc. Network system including packet classification for partitioned resources
US7424016B2 (en) 2005-04-05 2008-09-09 Cisco Technology, Inc. Distributing a stream of packets across available output paths within a network
US7852850B2 (en) 2006-04-26 2010-12-14 Marvell Israel (M.I.S.L.) Ltd. Double-hash lookup mechanism for searching addresses in a network device
US8364711B2 (en) 2006-05-09 2013-01-29 John Wilkins Contact management system and method
US20080052488A1 (en) 2006-05-10 2008-02-28 International Business Machines Corporation Method for a Hash Table Lookup and Processor Cache
US8792497B2 (en) * 2006-06-05 2014-07-29 Tellabs Operations, Inc. Method and apparatus for performing link aggregation
JP5086585B2 (en) 2006-08-11 2012-11-28 アラクサラネットワークス株式会社 Network relay device
US8189585B2 (en) 2006-10-10 2012-05-29 Cisco Technology, Inc. Techniques for virtual private network fast convergence
US8243594B1 (en) * 2007-12-10 2012-08-14 Force10 Networks, Inc. Coordinated control of multiple parallel links or link aggregations
US7979671B2 (en) 2008-07-28 2011-07-12 CacheIQ, Inc. Dual hash indexing system and methodology
US9319300B2 (en) 2008-12-09 2016-04-19 Glue Networks, Inc. Systems and methods for determining endpoint configurations for endpoints of a virtual private network (VPN) and deploying the configurations to the endpoints
US8218553B2 (en) 2009-02-25 2012-07-10 Juniper Networks, Inc. Load balancing network traffic on a label switched path using resource reservation protocol with traffic engineering
US8244909B1 (en) 2009-06-18 2012-08-14 Google Inc. Method, apparatus and networking equipment for performing flow hashing using quasi cryptographic hash functions
US8565239B2 (en) 2009-07-14 2013-10-22 Broadcom Corporation Node based path selection randomization
US8665879B2 (en) 2009-07-14 2014-03-04 Broadcom Corporation Flow based path selection randomization using parallel hash functions
CN101605130B (en) * 2009-07-20 2012-04-18 杭州华三通信技术有限公司 Heartbeat handshake method and heartbeat handshake system
US8238250B2 (en) * 2009-10-16 2012-08-07 Hei Tao Fung QoS-aware flow-based dynamic load balancing for link aggregation
CN101820383B (en) * 2010-01-27 2014-12-10 中兴通讯股份有限公司 Method and device for restricting remote access of switcher
US8848728B1 (en) 2010-04-08 2014-09-30 Marvell Israel (M.I.S.L) Ltd. Dynamic load balancing switch architecture
CN102262557B (en) 2010-05-25 2015-01-21 运软网络科技(上海)有限公司 Method for constructing virtual machine monitor by bus architecture and performance service framework
US9392005B2 (en) 2010-05-27 2016-07-12 Samsung Sds Co., Ltd. System and method for matching pattern
US8660005B2 (en) 2010-11-30 2014-02-25 Marvell Israel (M.I.S.L) Ltd. Load balancing hash computation for network switches
US20120136846A1 (en) 2010-11-30 2012-05-31 Haoyu Song Methods of hashing for networks and systems thereof
WO2013008264A1 (en) 2011-07-08 2013-01-17 Hitachi, Ltd. Storage system and its data processing method
US9137013B2 (en) 2012-09-28 2015-09-15 Broadcom Corporation Method and system for a hardware-efficient universal hash function
US9537771B2 (en) 2013-04-04 2017-01-03 Marvell Israel (M.I.S.L) Ltd. Exact match hash lookup databases in network switch devices

Patent Citations (18)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6249521B1 (en) * 1997-02-14 2001-06-19 Advanced Micro Devices, Inc. Method and apparatus for creating a port vector
US6614758B2 (en) * 1998-02-13 2003-09-02 Broadcom Corp Load balancing in link aggregation and trunking
US20020093952A1 (en) 2000-06-30 2002-07-18 Gonda Rumi Sheryar Method for managing circuits in a multistage cross connect
US6973082B2 (en) * 2002-02-01 2005-12-06 Fujitsu Limited Forwarding packets to aggregated links using distributed ingress card processing
US7190696B1 (en) * 2002-03-05 2007-03-13 Force10 Networks, Inc. System and method for distributing packets among a plurality of paths to a destination
US20030210688A1 (en) 2002-05-13 2003-11-13 International Business Machines Corporation Logically grouping physical ports into logical interfaces to expand bandwidth
US7554914B1 (en) * 2002-07-10 2009-06-30 Cisco Technology, Inc. System and method for adaptively balancing network traffic over router output ports
US20040073640A1 (en) * 2002-09-23 2004-04-15 Cricket Technologies Llc Network load management apparatus, system, method, and electronically stored computer product
US7623455B2 (en) * 2005-04-02 2009-11-24 Cisco Technology, Inc. Method and apparatus for dynamic load balancing over a network link bundle
US7639614B2 (en) * 2005-04-12 2009-12-29 Fujitsu Limited Distribution-tuning mechanism for link aggregation group management
US20080031263A1 (en) * 2006-08-07 2008-02-07 Cisco Technology, Inc. Method and apparatus for load balancing over virtual network links
US20080181103A1 (en) 2007-01-29 2008-07-31 Fulcrum Microsystems Inc. Traffic distribution techniques
US7796594B2 (en) 2007-02-14 2010-09-14 Marvell Semiconductor, Inc. Logical bridging system and method
US7898959B1 (en) 2007-06-28 2011-03-01 Marvell Israel (Misl) Ltd. Method for weighted load-balancing among network interfaces
US20110102612A1 (en) 2008-04-25 2011-05-05 Naoto Iwata Vibration correction control circuit for correcting displacement of an optical axis due to vibration including camera shake and image pickup apparatus equipped therewith
US8355328B2 (en) * 2009-08-27 2013-01-15 Broadcom Corporation Dynamic load balancing
US20110134925A1 (en) 2009-11-02 2011-06-09 Uri Safrai Switching Apparatus and Method Based on Virtual Interfaces
US8339951B2 (en) * 2010-07-28 2012-12-25 Hewlett-Packard Development Company, L.P. Method for configuration of a load balancing algorithm in a network device

Non-Patent Citations (2)

* Cited by examiner, † Cited by third party
Title
Mizrahi et al., U.S. Appl. No. 12/537,078, filed Aug. 6, 2009.
Thaler et al., "Multipath Issues in Unicast and Multicast Next-Hop Selection," The Internet Society, 2000, 10 pages.

Cited By (23)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US10244047B1 (en) 2008-08-06 2019-03-26 Marvell Israel (M.I.S.L) Ltd. Hash computation for network switches
US9237100B1 (en) 2008-08-06 2016-01-12 Marvell Israel (M.I.S.L.) Ltd. Hash computation for network switches
US9503435B2 (en) 2010-11-30 2016-11-22 Marvell Israel (M.I.S.L) Ltd. Load balancing hash computation for network switches
US9455967B2 (en) 2010-11-30 2016-09-27 Marvell Israel (M.I.S.L) Ltd. Load balancing hash computation for network switches
US9455966B2 (en) 2010-11-30 2016-09-27 Marvell Israel (M.I.S.L) Ltd. Load balancing hash computation for network switches
US20120230194A1 (en) * 2011-03-11 2012-09-13 Broadcom Corporation Hash-Based Load Balancing in Large Multi-Hop Networks with Randomized Seed Selection
US20120287946A1 (en) * 2011-05-13 2012-11-15 Broadcom Corporation Hash-Based Load Balancing with Flow Identifier Remapping
US9871728B2 (en) 2013-04-04 2018-01-16 Marvell Israel (M.I.S.L) Ltd. Exact match hash lookup databases in network switch devices
US9537771B2 (en) 2013-04-04 2017-01-03 Marvell Israel (M.I.S.L) Ltd. Exact match hash lookup databases in network switch devices
US9906592B1 (en) 2014-03-13 2018-02-27 Marvell Israel (M.I.S.L.) Ltd. Resilient hash computation for load balancing in network switches
US20150312153A1 (en) * 2014-04-23 2015-10-29 Dell Products L.P. Systems and methods for load-balancing in a data center
US9413668B2 (en) * 2014-04-23 2016-08-09 Dell Products L.P. Systems and methods for load-balancing in a data center
US10200286B2 (en) 2014-04-23 2019-02-05 Dell Products L.P. Systems and methods for load balancing in a data center
US10587516B1 (en) * 2014-07-15 2020-03-10 Marvell Israel (M.I.S.L) Ltd. Hash lookup table entry management in a network device
US9876719B2 (en) 2015-03-06 2018-01-23 Marvell World Trade Ltd. Method and apparatus for load balancing in network switches
US10904150B1 (en) 2016-02-02 2021-01-26 Marvell Israel (M.I.S.L) Ltd. Distributed dynamic load balancing in network systems
US11962505B1 (en) 2016-02-02 2024-04-16 Marvell Israel (M.I.S.L) Ltd. Distributed dynamic load balancing in network systems
CN109642923A (en) * 2016-06-28 2019-04-16 贝宝公司 Current-dividing network data are to execute load balance
US10432531B2 (en) 2016-06-28 2019-10-01 Paypal, Inc. Tapping network data to perform load balancing
WO2018005550A1 (en) * 2016-06-28 2018-01-04 Paypal, Inc. Tapping network data to perform load balancing
CN109642923B (en) * 2016-06-28 2021-07-20 贝宝公司 Offloading network data to perform load balancing
US11082346B2 (en) 2016-06-28 2021-08-03 Paypal, Inc. Tapping network data to perform load balancing
US10243857B1 (en) 2016-09-09 2019-03-26 Marvell Israel (M.I.S.L) Ltd. Method and apparatus for multipath group updates

Also Published As

Publication number Publication date
US9455967B2 (en) 2016-09-27
CN102571558B (en) 2016-08-31
US20120134497A1 (en) 2012-05-31
US20120134266A1 (en) 2012-05-31
US8660005B2 (en) 2014-02-25
US9503435B2 (en) 2016-11-22
US20140325228A1 (en) 2014-10-30
US20140160934A1 (en) 2014-06-12
US20120136999A1 (en) 2012-05-31
US8756424B2 (en) 2014-06-17
CN102571558A (en) 2012-07-11
US9455966B2 (en) 2016-09-27
US20140115167A1 (en) 2014-04-24

Similar Documents

Publication Publication Date Title
US9455967B2 (en) Load balancing hash computation for network switches
US10244047B1 (en) Hash computation for network switches
US9876719B2 (en) Method and apparatus for load balancing in network switches
US8509236B2 (en) Techniques for selecting paths and/or trunk ports for forwarding traffic flows
US8730967B1 (en) Policy-based virtual routing and forwarding (VRF) assignment
US8274980B2 (en) Ethernet link aggregation
US8503456B2 (en) Flow based path selection randomization
US9246810B2 (en) Hash-based load balancing with per-hop seeding
US8565239B2 (en) Node based path selection randomization
US20080159150A1 (en) Method and Apparatus for Preventing IP Datagram Fragmentation and Reassembly
US9954791B2 (en) Network interface selection for network connections
US10243857B1 (en) Method and apparatus for multipath group updates
US9906592B1 (en) Resilient hash computation for load balancing in network switches
US20230379244A1 (en) Ultra reliable segment routing
US9467367B2 (en) Universal labels in internetworking
US20220294712A1 (en) Using fields in an encapsulation header to track a sampled packet as it traverses a network
CN112637237A (en) Service encryption method, system, equipment and storage medium based on SRoU
US8761205B2 (en) Method for transmitting and configuring a data packet in a network
Nakamura et al. Layer-3 multipathing in commodity-based data center networks
JP2006311164A (en) Packet transfer equipment

Legal Events

Date Code Title Description
AS Assignment

Owner name: MARVELL ISRAEL (M.I.S.L) LTD., ISRAEL

Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNORS:ROITSHTEIN, AMIR;MIZRAHI, TAL;SIGNING DATES FROM 20111124 TO 20111127;REEL/FRAME:027298/0349

STCF Information on status: patent grant

Free format text: PATENTED CASE

FPAY Fee payment

Year of fee payment: 4

MAFP Maintenance fee payment

Free format text: PAYMENT OF MAINTENANCE FEE, 8TH YEAR, LARGE ENTITY (ORIGINAL EVENT CODE: M1552); ENTITY STATUS OF PATENT OWNER: LARGE ENTITY

Year of fee payment: 8